Cyber Defense Specialist
Amusnet
Sofia, Bulgaria
We are expanding our Cyber Defence Operations capability and are seeking an experienced Cyber Defence Specialist to protect Amusnet’s global iGaming infrastructure.
This is a hands-on, expert-level role focused on advanced threat detection, structured investigations, proactive threat hunting and end-to-end incident response. You will leverage modern SIEM, EDR/XDR, cloud security and automation technologies to strengthen detection coverage, improve response effectiveness and continuously enhance our defensive capabilities. You will play a key role in safeguarding business operations, regulatory compliance and customer trust in a global, highly regulated environment.
THE PERFECT TEAM MEMBER IS INSPIRED TO:
- Conduct continuous security monitoring across systems, networks, endpoints, cloud platforms and iGaming infrastructure;
- Lead end-to-end incident response activities, including containment, eradication, recovery and post-incident analysis;
- Design and continuously tune detection use cases across SIEM, EDR/XDR and cloud-native platforms, including authoring and maintaining YARA/Sigma rules in line with detection standards;
- Automate security workflows and response playbooks using scripting and SOAR technologies;
- Triage vulnerabilities in coordination with infrastructure and development teams and validate remediation effectiveness;
- Perform proactive threat hunting based on threat intelligence, behavioral anomalies and emerging attack patterns;
- Contribute to incident reporting, executive summaries and compliance documentation;
- Support security readiness for audits and regulatory requirements in regulated gaming markets.
THE SKILLS THAT WILL GRAB OUR ATTENTION ARE:
- 3-5 years of experience in a SOC, Incident Response, Threat Hunting or Cyber Defence role;
- Strong hands-on experience with SIEM platforms, EDR/XDR technologies, cloud security monitoring and vulnerability management platforms;
- Proven experience developing and tuning detection logic, including YARA and Sigma rule creation and customization;
- Practical scripting capability (Python, PowerShell or Bash) for automation and investigation;
- Solid understanding of the MITRE ATT&CK framework, adversary tactics and attack chains, log analysis and forensic fundamentals, and network protocols and endpoint behavior;
- Experience in regulated or high-availability environments is an advantage;
- Certifications such as Security+, CySA+, GCIH, GCED or equivalent are valued but not mandatory.