Senior Threat Detection & Incident Responder (6 months), Flutter Functions - Hybrid & Remote at Betfair


Location: Cluj-Napoca, Romania
Cyber Security Senior Specialist

About Betfair Romania Development:

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world’s leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide from our office in Cluj-Napoca. Driven by relentless innovation and a commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power and Sky Betting & Gaming.

Our Values:

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference.

Win together | Raise the bar | Got your back | Own it | Positive impact

About Flutter Functions:

The Flutter Functions division is a key component of Flutter Entertainment, responsible for providing essential support and services across the organization. The division encompasses various corporate functions, including finance, legal, human resources, technology, and more, ensuring seamless operations and strategic alignment throughout the company.

Role Overview:

Flutter is recruiting a Senior Threat Detection & Incident Response (TDIR) Specialist to uplift and mature its cybersecurity capabilities across a global organization. This role will play a big part in designing and implementing a logging and monitoring framework, developing detections mapped to MITRE ATT&CK, and leading technical incident response processes across a highly complex environment. The successful candidate must be comfortable working with cross-functional global teams in dynamic organisations, as the role will have interdependencies with teams in AWS, our partners, and our internal engineering, security and business support teams across various functions and brands across Flutter globally. The ideal candidate will have experience working with enterprise organisations on large-scale migration/modernisation transformation projects, with a strong emphasis on cybersecurity. This role demands a customer-centric and collaborative approach, a deep technical understanding of cloud security solutions, and a passion for transforming business using cloud technologies.

Key Accountabilities & Responsibilities:

- Create threat detection rules, alerts, and dashboards mapped to the MITRE ATT&CK framework using SIEM and other security tools.
- Perform in-depth security incident analysis and response using Splunk, AWS-native tools and SaaS platforms.
- Proactively identify and mitigate emerging threats through dedicated threat hunting activities.
- Enhance detections by integrating TI feeds, asset sensitivity and other supporting telemetry.
- Test and validate the effectiveness of detections, whether by participating in red/purple team exercises, running atomic tests, or collaborating with system owners and red teams to simulate attacks.
- Collaborate with cross-functional teams (infra, DevOps, Product) for containment and remediation.
- Document playbooks, detection logic and procedures, and contribute to knowledge base development.

Skills, Capabilities & Experience Required:

- Building Support: We establish close relationships with our stakeholders, underpinned by trust, integrity, and respect. We are able to build awareness, understanding, and positive momentum behind the group technology strategy, often without being in a position to assert authority.
- Objective: We are impartial and unbiased, ensuring equal treatment for all and that decisions are based on objective criteria.
- Collaborative: We work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the group strategy. We foster a collaborative environment and assume the role of leader when required.
- Adaptable: We understand and appreciate different and opposing perspectives on an issue and are able to adapt our approach in order to achieve a successful outcome.
- Strategic Thinking: We think about the big picture and use that perspective to support our divisions to achieve competitive advantage through greater agility, faster time to market and a better customer experience.
- Strategic Communication: We are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback and help others to consider new perspectives.

Experience:

- Proven experience with SIEM platforms (preferably Splunk) for log ingestion, detection creation and dashboarding.
- Experience performing security investigations, threat hunting, and incident response in the context of large organizations.
- Understanding of Tactics, Techniques, and Procedures (TTPs) used by threat actors or groups.
- Knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow).
- Incident Response experience in AWS environments (CloudTrail, VPC Flow Logs, GuardDuty, Security Hub).
- Hands-on experience with detection validation techniques, including running atomic tests and collaborating with red/purple teams to test newly developed detections.
- Strong understanding of how to interpret offensive testing results and translate them into actionable detection improvements.
- Proficiency managing detections across diverse SaaS platforms globally, and the ability to analyse in-house developed apps to create detections based on known frameworks such as MITRE ATT&CK.
- Ability to work under pressure in fast-paced environments with high stakeholder visibility.
- Experience documenting workflows, frameworks, detection logic and new processes.

Benefits:

- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days per year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we’re part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we’ll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.