Careers

Everyone is looking for employees; we are looking for people

Senior cyber defense analyst, Sofia

Head Office

DSK Bank is part of OTP Group – one of the leading banking groups in Central and Eastern Europe.  Our amazing company is following an ambitious journey, which requires bright and motivated people to build its successful future. This position is a fantastic opportunity for a professional to create value and develop within one of the largest banks in Bulgaria.

As part of our team, you will join one of the largest banking organizations in Bulgaria, playing a key role in maintaining relationships with leading companies and millions of individual customers.

We are currently looking for a Senior Cyber Defense Analyst (L2 SOC Analyst) to join the Cyber Defense Section, Information Security Department, Head Office, Sofia.

Sofia, valid to
General duties
  • Perform advanced analysis of security incidents and escalated alerts from L1 analysts
  • Lead investigation and response to complex cyber incidents (malware, APTs, lateral movement, data exfiltration, etc.)
  • Conduct threat hunting activities using SIEM, EDR, and other security tools
  • Correlate data from multiple sources to identify attack patterns and root causes
  • Develop and improve detection rules, use cases, and correlation logic in SIEM
  • Participate in incident response coordination and containment strategies
  • Perform forensic analysis (endpoint, network, logs) where required
  • Enhance SOC playbooks and operational procedures
  • Mentor and support L1 analysts
  • Collaborate with IT, Risk, and other security teams
  • Contribute to continuous improvement of cyber defense processes and tooling 


Requirements
  • Bachelor’s or Master’s degree in IT, Cybersecurity, or related field
  • Minimum 3–5 years of experience in SOC, Incident Response, or Cybersecurity
  • Strong experience with SIEM (e.g., QRadar, Splunk, Sentinel), EDR, and log analysis
  • Hands-on experience with incident investigation and threat hunting
  • Good understanding of:
    • Network protocols and traffic analysis
    • Attack techniques (MITRE ATT&CK framework)
    • Malware behavior and detection techniques
  • Experience with scripting (Python, PowerShell) is an advantage
  • Familiarity with forensic tools and methodologies is a plus
  • Relevant certifications are highly desirable (e.g., CEH, CySA+, GCIA, GCIH, CISSP)
  • Strong analytical and problem-solving skills
  • Ability to work under pressure during incidents
  • Excellent English communication skills


DSK Bank offers
  • Excellent opportunities for professional and career development in one of Bulgaria’s leading banks
  • Food vouchers in the amount of up to 102.26 EUR per month
  • 20+5 paid holiday leave
  • Additional Health Insurance
  • Annual bonus scheme depending on the achieved results
  • Favorable conditions for housing and mortgage lending, as well as for bank products and services
  • Preferential conditions for Multisport / CoolFit card
  • Discounts in various companies
  • Professional trainings for specific knowledge and skills
  • Refer a Friend Bonus
  • Key role in a mature and evolving Cyber defense within a leading financial institution
  • Exposure to complex, real-world cyber threats
  • Opportunity to influence detection and response capabilities
  • Competitive compensation and performance-based incentives
  • Continuous professional development and certification support


Only shortlisted candidates will be contacted. All applications will be treated confidentially.



Documents for application

CV


Apply

If the position matches your professional interests and skills, we will be happy to review your application.

By clicking the "Apply" button, you agree to the Terms for Processing of Personal Data and Submission of an Online Application