Security

Security isn’t a state — it’s a process. And we’re looking for someone who knows how to drive it.

Softsich is a young and ambitious company making big waves in the world of digital entertainment. We combine strategic vision with deep tech expertise to build and scale high-performance products. Right now, we’re looking for a Security Engineer to strengthen our internal infrastructure and help automate key security workflows.

Your key responsibilities will include:

Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR)
Lead Incident Response: serve as primary responder to security alerts, perform initial triage, conduct investigations, and coordinate remediation
Enhance Detection Capabilities: design, implement, and fine-tune detection rules and alerts across cloud environments
Conduct endpoint, network, and application log analysis to identify suspicious activity
Collaborate with IT, DevOps, and Compliance teams to enforce security standards and best practices
Assist in improving incident response processes, playbooks, and operational practices
Stay informed about emerging cybersecurity threats, trends, and industry developments
Deploy and manage MDM/UEM solutions (Jamf, Jumpcloud) across all endpoints
Advocate for best practices in IT and change management to strengthen security posture
Define and enforce security policies for workstations (passwords, encryption, restrictions, app controls)
Perform regular audits and compliance checks aligned with corporate standards
Monitor device health and security compliance, respond to related alerts
Coordinate patching and updates on endpoints through MDM
Conduct inventory and asset tracking, including remote wipe and lock management
Provide endpoint security reporting and metrics to IT leadership and compliance
Collaborate with incident response teams on mobile endpoint incidents

It’s a match if you have:

3+ years in IT Operations, System Administration, or related roles
Experience in security threat analysis or incident response, ideally within a SOC
Proven experience responding to and managing incidents in cloud environments (AWS, Azure, GCP) and SaaS services (Google Workspace, Atlassian)
Proficiency with SIEM platforms, including rule creation, tuning, and maintenance
Strong knowledge of cloud security monitoring tools and techniques
Understanding of network infrastructure
Experience analyzing endpoint, network, and application logs for anomalies
Practical understanding of common attack vectors and how to detect them
Experience with security automation and scripting for incident response workflows
Understanding of IT system architecture, network design, and IT/change management processes
Experience with virtualization technologies
Familiarity with identity management
Proficiency in platforms used for information security investigations and triage
Ukrainian — C1 level or native

Nice to have:

Experience with cloud-native security tools and services
Familiarity with scripting or automation (PowerShell, Bash, Python)
Experience with endpoint detection solutions and email security technologies
Knowledge of IT security audit techniques

What we offer:

A competitive salary
Remote work format or a modern office in Warsaw and/or Kyiv
Flexible working hours
An incredibly friendly team where everyone is ready to share knowledge, help, and support
24 working days of paid annual vacation
Paid sick leave
Health insurance (available for specialists based in Ukraine; other countries — in progress)
Zero joules of energy to the aggressor state, its affiliated businesses, or partners
Conference and business travel expenses covered (where applicable)
Birthday greetings (because you matter!)
Online and offline teambuilding events
Corporate celebrations

👉 Send over your CV now — we’d love to get to know you better!