Short company description

BIT SENTINEL is one of the largest cybersecurity providers in Central and Eastern Europe, trusted by organizations across all major industries. Our Security Operations Center (BSS-CERT) delivers comprehensive Managed Security Services, from advanced threat detection and response to robust compliance solutions.

Our strength is forged in offense. Founded by elite ethical hackers, BIT SENTINEL’s DNA is rooted in deep expertise in penetration testing, application code review, and incident response. We think like attackers to build a stronger defense.

This offensive mindset powers our BSS-CERT, where our team of certified specialists leverages their expertise to provide proactive, intelligent security. We operate from our Bucharest headquarters with a flexible service model tailored to client needs, including 24/7 monitoring capabilities and on-call SLA-backed support to ensure our clients are protected around the clock.

The role

You will be dealing with real-world infrastructure, focusing heavily on our on-prem Elastic SIEM deployment and our custom-built SOAR platform. You will bridge the gap between security engineering and analysis, automating the boring stuff, maintaining log pipelines, and assisting our clients with technical issues.

What you will do

• Master the Elastic Stack SIEM: Take charge of our on-prem Elastic deployment. You will help onboard new clients, manage data streams, update our deployment and client’s agents, configure indices and agent policies, and troubleshoot technical issues with the Elastic Agent on client endpoints.
• Build Automations: Utilize the newly introduced Elastic Workflows and our internally developed SOAR/web apps to automate repetitive tasks, alert generation, and incident response steps.
• Create ES|QL searches: By using the latest query language in our SIEM, you will engineer queries in order to detect threats, help analysts investigate alerts, and ensure that data ingestion is working properly.
• Leverage AI: Actively use and integrate AI tools (LLMs, scripting assistants) to accelerate your work, improve our custom tools, and help the team operate more efficiently.
• Tool Maintenance: Help maintain and upgrade our custom dashboards and internal security tools.
• Basic Security Analysis: Assist the senior analysts with basic log review, alert triage, and foundational security investigations.

What we are looking for

• Networking Fundamentals: You understand how computers talk to each other (TCP/IP, DNS, HTTP/S, routing basics, firewalls).
• Systems Knowledge: Comfortable navigating Windows and Linux operating systems.
• Scripting & Automation: Basic proficiency in Python, Bash, or PowerShell. You should be comfortable writing scripts to parse data or interact with APIs.
• Web development: You should understand how a web application works, and be able to develop and maintain one.
• AI Fluency: You know how to effectively prompt AI tools to write code, troubleshoot errors, and learn new concepts quickly.
• Insatiable Curiosity & Fast Learner: You have a genuine passion for cybersecurity and aren’t intimidated by unfamiliar technology. You are eager to dive into documentation, experiment, and rapidly learn new tools, frameworks, and concepts on the fly.
• Problem Solver: You don’t give up when you see an error log; you know how to search documentation, forums, and logs to find the root cause.

Bonus points

• Experience with the Elastic Stack (ELK), Splunk, or any other SIEM
• You run a homelab (Proxmox, VMware, Raspberry Pis, Active Directory, Firewall etc.)
• Experience playing CTFs (Capture The Flag) or using platforms like TryHackMe/HackTheBox/CyberEDU
• Familiarity with web application development (for our internal SOAR)
• Knowledge of Penetration Testing

What you will learn to do during the first 3 months

• Create an elastic Workflow to automate the alert triage and investigation, and integrate the workflow with the AI agent.
• Investigate client’s performance issues with the Elastic agent.
• Create and fine-tune a detection rule that will generate alerts for the SOC
• Investigate and solve other issues that will arise with our SIEM deployment
• Implement a new feature and fix a bug in our internally built SOAR
• Investigate an alert, and make a decision regarding next steps

Benefits package

• Flexible Hybrid Work: Balance your professional and personal life with a flexible schedule that combines the best of remote work and in-office collaboration.
• Comprehensive Health & Wellness: Your well-being is our priority. We provide private medical insurance for you and a family member, supplemented with daily meal tickets.
• Dedicated Growth Budget: We invest in your expertise. You’ll receive a generous annual budget for professional development, including industry-leading certifications and specialized training tailored to your career goals.
• Impactful Career Trajectory: This isn’t just a job; it’s a career path. As a key member of a growing, dynamic organization, you’ll work on a diverse portfolio of clients and have a clear runway for future advancement.
• Competitive Compensation & Rewards: We believe in recognizing great work. You’ll receive an attractive salary, a transparent performance-based bonus scheme, and regular incentives like gift vouchers.
• A Supportive & Collaborative Culture: Join a close-knit team of professionals in a friendly environment where your voice is heard. We build our community through fun, seasonal team-building activities that foster strong working relationships.

Other projects that we are proud of

• CyberEDU, a spin-off of Bit Sentinel – a next-gen cyber range as a service which is being used to host UNbreakable Romania, the National Cyber Security Olympics and the Romanian Cyber Security Challenge, while providing hands-on training and labs for Universities & Companies
• We deliver incident response, trainings and exercises and preparedness services for European Union Agency for Cybersecurity under Cybersecurity Support Action 
• Phish Enterprise, a spin-off of Bit Sentinel – empower employees with cybersecurity training and phishing simulations to defend against cyber threats
• Participating in CYRESRANGE: Cyber Ranges Resiliency Networks
• Participating in ECYBRIDGE: strengthening synergies in defence and civilian cybersecurity
• Participated in RESISTO project: an innovative solution for Communication Critical Infrastructures holistic situation awareness and enhanced resilience
• Technical coordinator for the National Phase & Selection of National Teams of European Cyber Security Challenge, one of the most important cybersecurity competitions from Europe

How to contact us

We are really excited that you consider applying for your future career in cybersecurity at Bit Sentinel. Please fill out the form and we will get back to you asap. 🙂