**About Us:**
SmartSoft is a software provider for the online commerce industry based in Georgia and successfully operates internationally. The core line of the business is game and supportive software development for iGaming operators. The team of more than 140 employees carries out a complete game development cycle and distributes products worldwide.
**Job Summary:**
We are looking for a hands-on cybersecurity professional to lead the implementation, configuration, and maintenance of our SIEM and endpoint security technologies. As a key member of our small and growing security team, you will be responsible for log integration, detection rule engineering, EDR deployment and maintenance, and incident response. This is a hybrid role combining multiple cybersecurity functions, ideal for someone looking to take ownership and grow into a future SOC Manager role.
**Key Responsibilities:**
**SIEM Administration & Engineering**
* Configure, administer, and maintain our SIEM platform to ensure high availability and performance.
* Develop and tune detection rules, alerts, and correlation logic to identify threats and anomalous behavior.
* Integrate logs from a wide range of sources (network devices, servers, applications, security tools) into the SIEM.
**EDR Deployment & Management**
* Oversee the installation, configuration, and technical maintenance of our Endpoint Detection & Response (EDR) solution.
* Ensure coverage across all endpoints and respond to technical issues related to EDR agents.
* Collaborate with internal teams to ensure endpoints are securely configured and monitored.
**Threat Detection, Threat Intelligence & Incident Response**
* Lead investigation and response to security alerts and incidents triggered by SIEM or EDR.
* Support root cause analysis, containment, and remediation activities.
* Document incident handling procedures and outcomes.
* Conduct tactical and operational CTI analysis to improve incident management and response processes.
* Participate in purple team exercises.
**Security Configuration & Optimization**
* Ensure security tools are aligned with best practices and internal policies.
* Assess the security configuration of hardware and software systems.
* Continuously improve detection logic, log coverage, and alert fidelity.
* Maintain up-to-date documentation of configurations and processes.
**Collaboration & Future Leadership**
* Work closely with IT and other stakeholders to enhance security visibility.
* Identify areas for improvement in log ingestion, alerting, and system performance, and implement enhancements accordingly.
* Prepare to take on a leadership role as our security operations function expands.
**Qualifications:**
* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
* 1-3 years of hands-on experience in cybersecurity, preferably in SIEM and endpoint security.
* Experience integrating logs and tuning detection rules.
* Exposure to incident response processes and tools.
* Holding certifications such as CompTIA Security+, CySA+, or equivalent is considered advantageous.
* SIEM- or EDR-specific certifications are a plus.
**Technical Skills:**
* Strong proficiency in SIEM platforms (Elastic SIEM, Splunk, Sentinel, etc.)
* Experience working with log formats and protocols (Syslog, JSON, Windows Event Logs, etc.)
* Familiarity with EDR platforms (e.g., Bitdefender, SentinelOne, CrowdStrike)
* Understanding of networking concepts (TCP/IP, DNS, VPNs, firewalls)
* Comfortable working with Windows and Linux systems
* Scripting (e.g., PowerShell, Bash, Python) is a plus.
*By submitting your application, you understand that your data will be processed as set out in our Privacy Policy.*