Пълно описание
Senior cyber defense analyst , Sofia
DSK Bank is part of OTP Group – one of the leading banking groups in Central and Eastern Europe. Our amazing company is following an ambitious journey, which requires bright and motivated people to build its successful future. This position is a fantastic opportunity for a professional to create value and develop within one of the largest banks in Bulgaria.
As part of our team, you will join one of the largest banking organizations in Bulgaria, playing a key role in maintaining relationships with leading companies and millions of individual customers.
We are currently looking for an Senior cyber defense analyst (L2 SOC Analyst) to join the Cyber Defense Section, Information Security Department, Head Office, Sofia.
DSK Bank is part of OTP Group – one of the leading banking groups in Central and Eastern Europe. Our amazing company is following an ambitious journey, which requires bright and motivated people to build its successful future. This position is a fantastic opportunity for a professional to create value and develop within one of the largest banks in Bulgaria.
As part of our team, you will join one of the largest banking organizations in Bulgaria, playing a key role in maintaining relationships with leading companies and millions of individual customers.
We are currently looking for an Senior cyber defense analyst (L2 SOC Analyst) to join the Cyber Defense Section, Information Security Department, Head Office, Sofia.
Your Responsibilities:
- Perform advanced analysis of security incidents and escalated alerts from L1 analysts
- Lead investigation and response to complex cyber incidents (malware, APTs, lateral movement, data exfiltration, etc.)
- Conduct threat hunting activities using SIEM, EDR, and other security tools
- Correlate data from multiple sources to identify attack patterns and root causes
- Develop and improve detection rules, use cases, and correlation logic in SIEM.
- Participate in incident response coordination and containment strategies
- Perform forensic analysis (endpoint, network, logs) where required
- Enhance SOC playbooks and operational procedures
- Mentor and support L1 analysts
- Collaborate with IT, Risk, and other security teams
- Contribute to continuous improvement of cyber defense processes and tooling
- Bachelor’s or Master’s degree in IT, Cybersecurity, or related field
- Minimum 3–5 years of experience in SOC, Incident Response, or Cybersecurity
- Strong experience with SIEM (e.g., QRadar, Splunk, Sentinel), EDR, and log analysis
- Hands-on experience with incident investigation and threat hunting
- Network protocols and traffic analysis
- Attack techniques (MITRE ATT&CK framework)
- Malware behavior and detection techniques
- Experience with scripting (Python, PowerShell) is an advantage
- Familiarity with forensic tools and methodologies is a plus
- Relevant certifications are highly desirable (e.g., CEH, CySA+, GCIA, GCIH, CISSP)
- Strong analytical and problem-solving skills
- Ability to work under pressure during incidents
- Excellent English communication skills
- Excellent opportunities for professional and career development in one of Bulgaria’s leading banks
- Food vouchers in the amount of up to 102.26 EUR per month
- 20+5 paid holiday leave
- Additional Health Insurance
- Annual bonus scheme depending on the achieved results
- Favorable conditions for housing and mortgage lending, as well as for bank products and services
- Preferential conditions for Multisport / CoolFit card
- Discounts in various companies
- Professional trainings for specific knowledge and skills
- Refer a Friend Bonus
- Key role in a mature and evolving Cyber defense within a leading financial institution
- Exposure to complex, real-world cyber threats
- Opportunity to influence detection and response capabilities
- Competitive compensation and performance-based incentives
- Continuous professional development and certification support