Senior Security Incident Response Specialist (6 months) - Flutter Functions, Hybrid & Remote at Betfair

Location Information: Cluj-Napoca, Romania
Cyber Security Senior Specialist

About Betfair Romania Development:

Betfair Romania Development is the largest technology hub of Flutter Entertainment, with over 2,000 people powering the world's leading sports betting and iGaming brands. Exciting, immersive and safe experiences are delivered to over 18 million customers worldwide, from our office in Cluj-Napoca. Driven by relentless innovation and commitment to excellence, we operate our own unbeatable portfolio of diverse proprietary brands such as FanDuel, PokerStars, SportsBet, Betfair, Paddy Power, or Sky Betting & Gaming.

Our Values:

The values we share at Betfair Romania Development define what makes us unique as a team. They empower us by giving meaning to our contributions, and they ensure that we consistently strive for excellence in everything we do. We are looking for passionate individuals who align with our values and are committed to making a difference.

Win together | Raise the bar | Got your back | Own it | Positive impact

Role Overview:

Flutter is recruiting a Sr Incident Response Specialist to uplift and mature its cybersecurity capabilities across a global organization. This role will own the end-to-end Incident Response process (Preparation, Detection and Analysis, Containment, Eradication, Recovery and Post-Incident Activities), play a big part in improving how we log, detect and respond to threats from various platforms, and help drive forward our NIST CSF maturity score.
They must be comfortable working with cross-functional global teams in dynamic organisations, as the role will have interdependencies with teams in AWS, our partners, and our internal engineering, security and business supporting teams across various functions in various brands across Flutter globally.

The ideal candidate will have experience working with enterprise organisations on large-scale migration/modernisation transformation projects, with a strong emphasis on cybersecurity. This role demands a customer-centric and collaborative approach, a deep technical understanding of cloud security solutions, and a passion for transforming business using cloud technologies.

Key Accountabilities & Responsibilities:

- Own and conduct deep-dive investigations into complex security incidents by correlating event logs to understand attacker activity, scope, and impact.
- Perform forensic analysis on identified threats to determine root cause and work with different teams on containment and remediation steps.
- Identify missed detection opportunities or gaps in visibility and work with detection engineers and platform teams to propose and test improvements.
- Work with the team to assess current-state monitoring and response workflows, and contribute to updates or creation of IR and monitoring playbooks, escalation paths and log coverage frameworks/processes.
- Align work with broader NIST CSF maturity uplift goals, especially in the Detect and Respond domains.
- Maintain accurate, useful documentation around detection, incident timelines, and operational processes.
- Collaborate with engineering, DevOps and platform teams.

Skills, Capabilities & Experience Required:

- Building Support: We establish close relationships with our stakeholders, underpinned by trust, integrity, and respect. We are able to build awareness, understanding, and positive momentum behind the group technology strategy, often without being in a position to assert authority.
- Objective: We are impartial and unbiased, ensuring equal treatment for all and that decisions are based on objective criteria.
- Collaborative: We work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the group strategy. We foster a collaborative environment and assume the role of leader when required.
- Adaptable: We understand and appreciate different and opposing perspectives on an issue and are able to adapt our approach in order to achieve a successful outcome.
- Strategic Thinking: We think about the big picture and use that perspective to support our divisions to achieve competitive advantage through greater agility, faster time to market and a better customer experience.
- Strategic Communication: We are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback and help others to consider new perspectives.

Experience:

- Proven experience with SIEM platforms (preferably Splunk) for analysis, log ingestion, detection creation and dashboarding.
- Experience performing security investigations, threat hunting, and incident response in the context of large organizations.
- Understanding of Tactics, Techniques, and Procedures (TTPs) used by threat actors or groups.
- Knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow).
- Incident Response experience in AWS environments (CloudTrail, VPC Flow Logs, GuardDuty, SecHub).
- Solid understanding of GitHub audit logs and what abnormal or malicious behavior looks like across CI/CD workflows.
- Strong understanding of how to interpret offensive testing and translate it into actionable detection improvements.
- Knowledge of MITRE ATT&CK and how to map detections effectively.
- Ability to work under pressure in fast-paced environments with high stakeholder visibility.
- Experience with documenting workflows, frameworks, detection logic and new processes.

Benefits:
- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days/year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events

Disclaimer:

We are an inclusive employer. By embracing diverse experiences and perspectives, we create a lasting, positive impact for our employees, customers, and the communities we're part of. You don't have to meet all the requirements listed to apply for this role. If you need any adjustments to make this role work for you, let us know, and we'll see how we can accommodate them.

We thank all applicants for their interest; however, only the candidates who best meet the job requirements will be contacted for an interview.

By submitting your application online, you agree that your details will be used to progress your application for employment. If your application is successful, your details will be used to administer your personnel record. If your application is unsuccessful, we will retain your details for a period no longer than three years, to consider you for prospective roles within the company.