Betfair Romania Development

Security Detection & Response Engineer - Flutter Functions

Betfair Romania Development

full-time

Posted on:

Location Type: Hybrid

Location: Cluj-NapocaRomania

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSSplunk

About the role

  • Design, develop, and maintain threat detection rules, alerts, and dashboards mapped to the MITRE ATT&CK framework using SIEM and other security tools.
  • Continuously tune and optimize existing detections to reduce false positives while maintaining high detection efficacy.
  • Conduct regular reviews of detection coverage and identify gaps based on threat intelligence, incident trends, and organizational risk profile.
  • Test and validate detection effectiveness through atomic testing, purple team exercises, and collaboration with red teams.
  • Perform triage and in-depth analysis of security alerts using Splunk, AWS-native tools, and various SaaS security platforms
  • Conduct root cause analysis and post-incident reviews to drive continuous improvement.
  • Research, design, and implement automation solutions to streamline detection creation, alert enrichment, and incident response workflows.
  • Explore and pilot the use of Large Language Models (LLMs) and generative AI to enhance security operations, including automated alert analysis, playbook generation, and response recommendations.
  • Develop and maintain automated response playbooks and orchestration workflows using SOAR platforms and scripting.
  • Integrate threat intelligence feeds into detection and response workflows to enhance context and prioritization.
  • Track threat actor TTPs and translate them into actionable detections.
  • Document detection logic, alert triage procedures, incident response playbooks, and automation workflows.
  • Contribute to the security knowledge base and runbook library.

Requirements

  • Proven experience with SIEM platforms (preferably Splunk) for query development, detection creation, alert tuning, and dashboarding.
  • Demonstrated experience in security alert analysis, incident response, and threat hunting within large, complex organizations.
  • Hands-on experience with detection validation techniques, including atomic testing frameworks (e.g., Atomic Red Team) and purple team collaboration.
  • Strong understanding of the MITRE ATT&CK framework and ability to map threat actor TTPs to defensive controls.
Benefits
  • Hybrid & remote working options
  • €1,000 per year for self-development
  • Company share scheme
  • 25 days of annual leave per year
  • 20 days per year to work abroad
  • 5 personal days/year
  • Flexible benefits: travel, sports, hobbies
  • Extended health, dental and travel insurances
  • Customized well-being programmes
  • Career growth sessions
  • Thousands of online courses through Udemy
  • A variety of engaging office events
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
threat detection rulesalert tuningdetection validationautomation solutionsincident response workflowsroot cause analysissecurity alert analysisthreat huntingdashboardingmapping threat actor TTPs
Soft Skills
collaborationcontinuous improvementdocumentation