SOC Cyber Security Engineer

1 day ago


Bucharest Metropolitan Area, Romania BIT SENTINEL Full time

Short Company Description
BIT SENTINEL is one of the largest cybersecurity providers in Central and Eastern Europe, trusted by organizations across all major industries. Our Security Operations Center (BSS-CERT) delivers comprehensive Managed Security Services, from advanced threat detection and response to robust compliance solutions.

Our strength is forged in offense. Founded by elite ethical hackers, BIT SENTINEL's DNA is rooted in deep expertise in penetration testing, application code review, and incident response. We think like attackers to build a stronger defense.

This offensive mindset powers our BSS-CERT, where our team of certified specialists leverages their expertise to provide proactive, intelligent security. We operate from our Bucharest headquarters with a flexible service model tailored to client needs, including 24/7 monitoring capabilities and on-call SLA-backed support to ensure our clients are protected around the clock.

Overview
We are looking for a highly motivated and innovative Cyber Security Engineer to be a critical architect of our SOC. This is not a typical analyst role. You are a builder, a problem-solver, and a force multiplier. You will have the autonomy to not only respond to threats but to design the very systems, automations, and processes that defeat them.

If you are driven by a relentless desire to improve, automate, and stay one step ahead of adversaries, you belong here.

Key Responsibilities

As a core member of the BSS-CERT, you will shape our technical capabilities and directly contribute to our clients' security posture.

  • Lead Advanced Threat Response: Own security incidents from detection to closure. You will be the technical authority for complex investigations escalated from L1/L2, performing deep-dive analysis to understand the threat and its impact, and orchestrating the response.
  • Engineer & Automate: Be our automation champion. Identify inefficiencies and build robust solutions using Python, PowerShell, and other tools. You will design, develop, and deploy new playbooks, runbooks, and integrations for our SOAR and SIEM platforms.
  • Enhance Detection Capabilities: Constantly refine our security posture. You will proactively hunt for threats, perform threat modeling, and leverage your knowledge of attacker TTPs to write more intelligent detection rules and improve our monitoring strategy across SIEM, EDR, and IDS systems.
  • Innovate & Research: Drive our R&D efforts. You'll investigate emerging threats, test new security tools, and develop novel defense techniques. You'll have the opportunity to create realistic attack/defense scenarios for our cyber range.
  • Mentor & Collaborate: Act as a technical guide for your colleagues. You'll share your expertise, improve documentation, and work closely with our Red Team and Vulnerability Management teams to create a powerful, unified security function.

Required Qualifications & Skills

  • Experience: 2-5 years in a hands-on cybersecurity role (e.g., SOC Analyst, Security Engineer, Incident Responder).
  • Technical Foundations: A solid grasp of network protocols, services, vulnerabilities, and common attack vectors.
  • Automation Mindset: Proven scripting skills (Python, Bash, or PowerShell) and a genuine passion for automating manual tasks. You see a repetitive process and immediately think, "I can build a script for that."
  • Key Skills: Familiarity with modern security concepts, including application, network, and cloud security. You are detail-oriented, highly organized, and an excellent communicator.
  • Attitude: You are a self-starter who thrives on autonomy and doesn't want to be micromanaged. You are a natural collaborator who elevates the team around you.
  • Excellent analytical, critical thinking, and problem-solving skills, with the ability to perform calmly under pressure.

Competitive Advantage

  • SOC Tooling: Hands-on experience with SIEM (Elastic, Splunk), SOAR (Phantom, Demisto), and EDR platforms.
  • Infrastructure as Code: Familiarity with tools like Ansible, Terraform, or Docker/Kubernetes.
  • Offensive Security: A background in penetration testing, malware analysis, or bug bounties.
  • Frameworks & Standards: Knowledge of MITRE ATT&CK, ISO 27001, PCI DSS, GDPR, or NIS, NIST SP800-61r1, SP800-61r2, SANS PICERL.
  • Previous experience with raw log file review, data correlation, and analysis, as well as with network security tools, network traffic analyzers, firewall logs, network flows, intrusion detection systems, system logs, memory dumps, vulnerability management, SOAR platforms, SIEM, especially Elastic SIEM, and other Enterprise / Open Source equivalents.
  • Certifications: Professional certifications are valued (GIAC, OSCP, CompTIA, etc.).
  • Experience working in a Managed Security Service Provider (MSSP) environment.

Benefits package

  • Flexible Hybrid Work: Balance your professional and personal life with a flexible schedule that combines the best of remote work and in-office collaboration.
  • Comprehensive Health & Wellness: Your well-being is our priority. We provide private medical insurance for you and a family member, supplemented with daily meal tickets.
  • Dedicated Growth Budget: We invest in your expertise. You'll receive a generous annual budget for professional development, including industry-leading certifications and specialized training tailored to your career goals.
  • Impactful Career Trajectory: This isn't just a job; it's a career path. As a key member of a growing, dynamic organization, you'll work on a diverse portfolio of clients and have a clear runway for future advancement.
  • Competitive Compensation & Rewards: We believe in recognizing great work. You'll receive an attractive salary, a transparent performance-based bonus scheme, and regular incentives like gift vouchers.
  • A Supportive & Collaborative Culture: Join a close-knit team of professionals in a friendly environment where your voice is heard. We build our community through fun, seasonal team-building activities that foster strong working relationships.

Other projects that we are proud of

  • CyberEDU, a spin-off of Bit Sentinel – a next-gen cyber range as a service which is being used to host UNbreakable Romania, the National Cyber Security Olympics and the Romanian Cyber Security Challenge, while providing hands-on training and labs for Universities & Companies
  • We deliver incident response, training, exercises and preparedness services for the European Union Agency for Cybersecurity under the Cybersecurity Support Action
  • Phish Enterprise, a spin-off of Bit Sentinel – empowers employees with cybersecurity training and phishing simulations to defend against cyber threats
  • Participating in CYRESRANGE: Cyber Ranges Resiliency Networks
  • Participating in ECYBRIDGE: strengthening synergies in defence and civilian cybersecurity
  • Participated in RESISTO project: an innovative solution for Communication Critical Infrastructures holistic situation awareness and enhanced resilience
  • Technical coordinator for the National Phase & Selection of National Teams of the European Cyber Security Challenge, one of the most important cybersecurity competitions in Europe

Final Notes

For CV or any other inquiries, please send us an email at -

To ensure a fair and authentic recruitment process, we ask all candidates to participate in interviews without using AI tools or external assistance. Our goal is to evaluate your personal skills, experience, and communication style – we want to get to know you, not an AI. For this reason, please avoid using virtual backgrounds and note that in-person interviews may form part of our selection process.

Use of AI-generated content or third-party support during interviews may result in disqualification. All successful candidates will undergo comprehensive background checks, including identity, education, and criminal record verification.

We appreciate all applicants for their interest. Only those who best match the role requirements will be contacted for further steps.

By submitting your application, you consent to the use of your personal data for recruitment purposes. If hired, your data will be used to manage your employment record. If not selected, we may retain your information for up to three years to consider you for future opportunities.
