Within our Competence Management service, selected professionals don’t just join a project, or position – they become valued members of the SWICON team. Our colleagues are our top priority: we offer personalized support, dedicated attention, and a true professional community – because no one is just a number here. This people-first approach has earned us multiple HR awards. Join us and be part of an inspiring, future-driven, and recognized team!
Introduction
Swicon Group is one of the leading members of the IT arena for almost a decade, since 2017 present also in Romania. Our wide range of services and highly trained professionals give us the opportunity to shape our solutions to fully meet the ideas and wishes of our clients. We are proud to have leading banks, insurance and telecommunication companies, as well as large FMCG corporations and SSCs amongst our highly prestigious partners.
Tasks
· Act to enforce security and information protection policies;
· Analyze and investigate security incidents assigned directly for resolution or posted in the dedicated application. Analyze and investigate customer complaints and reports regarding information security and confidentiality;
· Utilize threat intelligence feeds to identify emerging risks and correlate with internal telemetry
· Collect and disseminate intelligence across the organization to detect, prevent, and mitigate cyber threats
· Provide assistance in receiving, addressing, and reporting critical security incidents;
· Monitor, evaluate, and report on the evolution of threats and vulnerabilities of IT systems; Continuously monitor digital channels to identify phishing, smishing, and vishing campaigns.
· Analyze and validate alerts, block malicious sources, and coordinate response actions with the SOC.
· Improve detection scenarios and support simulated phishing programs.
· Monitor customer transactions and user behavior to detect anomalies or potential fraud.
· Investigate security incidents impacting customers (account takeover, unauthorized transactions, fraudulent actions).
· Work with Payments, Fraud, and Digital Banking teams to improve customer protection measures.
· Detect and investigate fake profiles impersonating bank employees or the corporate brand.
· Initiate takedown procedures with platform providers and follow up on case progress.
· Analyze social engineering trends and recommend preventive measures.
· Conduct end-to-end investigations of security cases reported by customers: log analysis, URL review, header inspection, digital evidence gathering.
· Identify the root cause of each incident and recommend remediation actions.
· Provide clear, professional communication to Customer Care and Fraud teams regarding findings.
· Investigate alerts related to privileged or sensitive users logging in outside standard business hours.
· Validate the legitimacy of activities, escalate when needed, and document outcomes.
· Tune alerts and collaborate with SOC to reduce false positives.
· Prepare onboarding documentation (log sources, use cases, integration details, detection rules).
· Configure log collection, set up secure connections, and validate the ingestion process.
· Test data quality, define initial alerting rules, and document the full setup.
· Gather, analyze, and disseminate indicators of compromise (IOCs), attack techniques (TTPs), and intelligence reports.
· Integrate CTI into SIEM rules, phishing scenarios, investigation playbooks, and detection pipelines.
· Collaborate with Group CTI teams and contribute to coordinated threat intelligence efforts.
· Use your ability to create automation scripts (Python, PowerShell) for: log enrichment, vulnerability scanning, phishing‑email triage workflows
· Ensure the provision of information and the introduction of the concept of security, education, and professional training;
· Execute work related to responding to internal and external audit missions;
· Participate in ensuring the security and protection of classified information;
Expectations
· Education: Bachelor's Degree or higher;
· Preferred, but not mandatory, certifications: CEH, SCCP, other specific IT and IT security technology courses and certifications;
· Minimum 3 years’ experience in the field of Information Security;
· Experience in cybersecurity, fraud prevention, SOC operations, or threat monitoring.
· Strong understanding of phishing, social engineering, digital fraud, and security protocols.
· Hands-on experience with SIEM platforms
· Excellent analytical skills and attention to detail.
· Ability to work with sensitive information and react quickly in critical situations.
· Clear communication skills and the ability to translate technical findings into actionable recommendations.
· English language proficiency.
Advantages
- Scripting knowledge (Python, PowerShell) is a strong advantage.
Employer's offer
- Excellent learning opportunities! Variety in your work and a fantastic, informal work atmosphere.
- A challenging environment that will stimulate you to grow as a professional!
- A great foundation for your career!
- Grow with us! Your role will develop over time, so you can increase your experience and responsibilities. So, you can advance faster and further in your future career.
- A friendly and welcoming work environment with an international working atmosphere where you can practice and learn new language skills with a diverse mix of colleagues and clients.
- A dynamic work environment with a culture that is open, innovative, and performance orientated.
- Hybrid working module.
Tags