SOC Cyber Security Engineer

Short company description

BIT SENTINEL is one of the largest cybersecurity providers in Central and Eastern Europe, trusted by organizations across all major industries. Our Security Operations Center (BSS-CERT) delivers comprehensive Managed Security Services, from advanced threat detection and response to robust compliance solutions.

Our strength is forged in offense. Founded by elite ethical hackers, BIT SENTINEL's DNA is rooted in deep expertise in penetration testing, application code review, and incident response. We think like attackers to build a stronger defense.

This offensive mindset powers our BSS-CERT, where our team of certified specialists leverages their expertise to provide proactive, intelligent security. We operate from our Bucharest headquarters with a flexible service model tailored to client needs, including 24/7 monitoring capabilities and on-call SLA-backed support to ensure our clients are protected around the clock.

Overview

We are looking for a highly motivated and innovative Cyber Security Engineer to be a critical architect of our SOC. This is not a typical analyst role. You are a builder, a problem-solver, and a force multiplier. You will have the autonomy to not only respond to threats but to design the very systems, automations, and processes that defeat them.

If you are driven by a relentless desire to improve, automate, and stay one step ahead of adversaries, you belong here.

Key Responsibilities

As a core member of the BSS-CERT, you will shape our technical capabilities and directly contribute to our clients' security posture.

Lead Advanced Threat Response: Own security incidents from detection to closure. You will be technical authority for complex investigations escalated from L1/L2, performing deep-dive analysis to understand the threat, its impact, and orchestrating the response.

Engineer & Automate: Be our automation champion. Identify inefficiencies and build robust solutions using Python, PowerShell, and other tools. You will design, develop, and deploy new playbooks, runbooks, and integrations for our SOAR and SIEM platforms.

Enhance Detection Capabilities: Constantly refine our security posture. You will proactively hunt for threats, perform threat modeling, and leverage your knowledge of attacker TTPs to write more intelligent detection rules and improve our monitoring strategy across SIEM, EDR, and IDS systems.

Innovate & Research: Drive our R&D efforts. You'll investigate emerging threats, test new security tools, and develop novel defense techniques. You'll have the opportunity to create realistic attack/defense scenarios for our cyber range.

Mentor & Collaborate: Act as a technical guide for your colleagues. You'll share your expertise, improve documentation, and work closely with our Red Team and Vulnerability Management teams to create a powerful, unified security function.

Required Qualifications & Skills

Experience: 2-5 years in a hands-on cybersecurity role (e.g., SOC Analyst, Security Engineer, Incident Responder).

Technical Foundations: A solid grasp of network protocols, services, vulnerabilities, and common attack vectors.

Automation Mindset: Proven scripting skills (Python, Bash, or PowerShell) and a genuine passion for automating manual tasks. You see a repetitive process and immediately think, "I can build a script for that."

Key Skills: Familiarity with modern security concepts, including application, network, and cloud security. You are detail-oriented, highly organized, and an excellent communicator.

Attitude: You are a self-starter who thrives on autonomy and doesn't want to be micromanaged. You are a natural collaborator who elevates the team around you.

Excellent analytical, critical thinking, and problem-solving skills, with the ability to perform calmly under pressure.

Competitive Advantage

SOC Tooling: Hands-on experience with SIEM (Elastic, Splunk), SOAR (Phantom, Demisto), and EDR platforms.

Infrastructure as Code: Familiarity with tools like Ansible, Terraform, or Docker/Kubernetes.

Offensive Security: A background in penetration testing, malware analysis, or bug bounties.

Frameworks & Standards: Knowledge of MITRE ATT&CK, ISO 27001, PCI DSS, GDPR, or NIS, NIST SP800-61r1, SP800-61r2, SANS PICERL.

Previous experience with raw log file review, data correlation, and analysis, as well as with network security tools, network traffic analyzers, firewall logs, network flows, intrusion detection systems, system logs, memory dumps, vulnerability management, SOAR platforms, SIEM, especially Elastic SIEM, and other Enterprise / Open Source equivalents.

Certifications: Professional certifications are valued (GIAC, OSCP, CompTIA, etc.).

Experience working in a Managed Security Service Provider (MSSP) environment.

Benefits package

Flexible Hybrid Work: Balance your professional and personal life with a flexible schedule that combines the best of remote work and in-office collaboration.

Comprehensive Health & Wellness: Your well-being is our priority. We provide private medical insurance for you and a family member, supplemented with daily meal tickets.

Dedicated Growth Budget: We invest in your expertise. You'll receive a generous annual budget for professional development, including industry-leading certifications and specialized training tailored to your career goals.

Impactful Career Trajectory: This isn't just a job; it's a career path. As a key member of a growing, dynamic organization, you'll work on a diverse portfolio of clients and have a clear runway for future advancement.

Competitive Compensation & Rewards: We believe in recognizing great work. You'll receive an attractive salary, a transparent performance-based bonus scheme, and regular incentives like gift vouchers.

A Supportive & Collaborative Culture: Join a close-knit team of professionals in a friendly environment where your voice is heard. We build our community through fun, seasonal team-building activities that foster strong working relationships.

Other projects that we are proud of

CyberEDU, a spin-off of Bit Sentinel – a next-gen cyber range as a service which is being used to host UNbreakable Romania, the National Cyber Security Olympics and the Romanian Cyber Security Challenge, while providing hands-on training and labs for Universities & Companies

We deliver incident response, trainings and exercises and preparedness services for European Union Agency for Cybersecurity under Cybersecurity Support Action

Phish Enterprise, a spin-off of Bit Sentinel – empower employees with cybersecurity training and phishing simulations to defend against cyber threats

Participating in CYRESRANGE: Cyber Ranges Resiliency Networks

Participating in ECYBRIDGE: strengthening synergies in defence and civilian cybersecurity

Participated in RESISTO project: an innovative solution for Communication Critical Infrastructures holistic situation awareness and enhanced resilience

Technical coordinator for the National Phase & Selection of National Teams of European Cyber Security Challenge, one of the most important cybersecurity competitions from Europe