Tiebreak's Careers

Tiebreak Solutions Ltd. is a global MarTech company focused on providing advanced technological solutions for brokerages and financial institutions worldwide. We build powerful, scalable trading products across web and mobile platforms, reliably processing billions of transactions per year.

The Sofia branch is the group’s R&D, DevOps, QA and cybersecurity hub. The Information Security team protects both Tiebreak’s internal infrastructure and production environments of regulated financial clients subject to DORA, GDPR, NIS2 and equivalent jurisdictional requirements.

About the Role

You will join a small, hands-on cybersecurity team reporting directly to the CISO. Day-to-day, you will run vulnerability management, tune detection content, investigate alerts, harden the Microsoft-centric estate and support both internal stakeholders and regulated financial clients. You will operate established tooling rather than green-field it — but you are expected to improve what you touch. The role suits a self-directed engineer who prefers depth over breadth and clean documentation over heroics.

The role includes mandatory participation in the cybersecurity on-call rotation and the weekly system monitoring rotation per the published schedule. Both are compensated through a fixed on-call retainer and overtime pay.

Responsibilities

Vulnerability Management

• Run and manage vulnerability scans across infrastructure and endpoints
• Track remediation and support patch management activities
• Maintain vulnerability reports and risk documentation
• Support penetration testing and remediation follow-up

Monitoring & Detection

• Monitor and improve SIEM and IDS/IPS tooling (Security Onion, Suricata, Zeek, etc.)
• Tune detection rules and reduce false positives
• Investigate and triage security alerts
• Support threat detection and monitoring improvements

Incident Response

• Participate in cybersecurity on-call and monitoring rotations
• Investigate security incidents and suspicious activity
• Execute incident response procedures and document findings
• Support post-incident reviews and security exercises

Security Engineering

• Administer and harden security platforms including:
• Microsoft Defender XDR
• Entra ID / Conditional Access
• Palo Alto NGFW
• Check Point Harmony
• Microsoft Intune
• Support identity security, endpoint protection, and network security initiatives
• Review security configurations and infrastructure changes

DevSecOps & Automation

• Support secure development and CI/CD security practices
• Assist with secrets scanning, SAST/SCA findings, and security reviews
• Develop basic automation/scripts in Python or PowerShell
• Create and maintain KQL queries and reporting

Compliance & Client Support

• Support audits, evidence collection, and security documentation
• Assist with client security questionnaires and compliance activities
• Contribute to risk assessments and remediation tracking

Requirements

Experience

• 3–5 years of experience in cybersecurity, security operations, or infrastructure security
• Experience with at least some of the following:
• Microsoft Defender XDR
• SIEM/Security Monitoring platforms
• Palo Alto Firewalls
• Check Point security products
• Experience investigating security incidents and vulnerabilities

Technical Skills

• Good understanding of:
• TCP/IP, DNS, HTTP/S, VPNs, firewalls, IDS/IPS
• Active Directory / Entra ID
• Vulnerability management tools
• Security monitoring and detection
• Scripting knowledge in Python and/or PowerShell
• Familiarity with KQL, Sigma, or detection rule tuning is a plus

Other

• Professional English required
• Bulgarian is a plus
• Security certifications (AZ-500, SC-100, CISSP, OSCP, CEH, etc.) are considered an advantage

Nice to Have

• Financial-sector or regulated environment experience
• Exposure to cloud security (Azure/AWS/GCP)
• Threat hunting or detection engineering experience
• DevSecOps or container security exposure
• MSP or multi-client environment experience

Security Tooling Environment

Candidates should expect to work across the following stack from day one:

Category – Tools/Platforms

SIEM / NSM – Security Onion (Elasticsearch, Kibana, Suricata, Zeek); Wazuh

Endpoint Security – Microsoft Defender for Endpoint; Check Point Harmony Endpoint

Email Security – Microsoft Defender for Office 365; Check Point Harmony Email

Firewall / NGFW – Palo Alto Panorama / NGFW

Identity & IAM – Microsoft Entra ID; Active Directory; Conditional Access; PIM

Endpoint / MDM – Microsoft Intune (device compliance, app protection)

Vulnerability Mgmt – Nessus / OpenVAS; Microsoft Defender Vulnerability Mgmt

DevSecOps – Secrets scanning; SAST/SCA; CI/CD security checks

Scripting & Automation – Python; PowerShell; KQL (Entra / Defender)

Compliance / Frameworks – GDPR; NIS2; DORA; ISO 27001; MITRE ATT&CK

Ticketing / ITSM – Monday.com

What We Offer

• Competitive remuneration package.
• Supplemental medical insurance.
• Opportunities for training and professional development.
• Friendly and supportive team environment.
• Exposure to global projects and technologies.