Overview: SOFTSWISS continues to expand the team and is looking for a Security Analyst. We need a true, experienced, and accomplished professional who shares our culture and values. Purpose of the role: You'll be the connective tissue between security strategy and execution across a multinational company operating in regulated markets across multiple jurisdictions. This isn't a checkbox audit role — you'll own the security assessment lifecycle for systems and processes, define security requirements and hold teams accountable to them, and coordinate work across specialized security teams to drive outcomes on cross-cutting initiatives. You'll work closely with business and technical stakeholders who move fast, and your job is to make sure security moves with them rather than behind them. Key responsibilities: - Own the security assessment lifecycle for new and existing systems, tools, and integrations — from initial scoping and risk identification through requirements definition to remediation verification - Create clear, actionable security requirements for systems and processes, and verify that implementations meet those requirements — closing the loop rather than just filing findings - Decompose complex security initiatives into concrete workstreams and coordinate their execution across specialized security teams (e.g., infrastructure security, application security, SOC), driving alignment without direct authority - Collaborate with business and technical owners to understand system purpose, data flows, and trust boundaries, translating what you find into risk language that stakeholders actually act on - Review and challenge access models as part of system assessments, ensuring permissions reflect need-to-know principles and don't silently expand over time - Contribute to strategic security projects — data security, AI governance, and other emerging areas — as both an analytical resource and a coordinator - Develop and maintain security policies and guidelines for software and technology usage across the organization Required Experience: - 3+ years of hands-on experience in cybersecurity, with meaningful exposure to security assessments, risk analysis, or GRC functions - Demonstrated ability to assess systems and integrations end-to-end — not just identifying risks but defining what "fixed" looks like and verifying it got done - Working knowledge of risk assessment methodologies, access control principles, and at least one major governance framework (ISO 27001, NIST CSF, or equivalent) - Experience operating in or alongside regulated industries — financial services, fintech, or similar high-compliance environments strongly preferred - Ability to coordinate across multiple teams and stakeholders without formal authority — you influence through clarity, preparation, and follow-through - Strong written and verbal communication in English — you'll be drafting requirements, writing assessments, and presenting findings to both technical teams and business leadership Nice to have: - Experience in multinational or multi-entity environments where regulatory landscapes vary across jurisdictions - Familiarity with AI governance, including practical challenges around shadow AI, third-party AI services, and emerging regulatory requirements (EU AI Act, etc.) - Background in data security strategy or classification — understanding how data flows across systems and where controls should sit - Track record of taking ambiguous, high-level security objectives and breaking them into structured, executable plans Our Benefits: - Full-time remote work opportunities and flexible working hours - Private insurance - Additional 1 Day Off per calendar year - Sports program compensation - Comprehensive Mental Health Programme - Free online English lessons with a native speaker - Generous referral program - Training, internal workshops, and participation in international professional conferences and corporate events.

Monitor for security threats, support technical security projects, maintain protective measures, and document risk management while effectively communicating with business leaders to ensure proper data handling and compliance.

Title: Cyber Defense - Senior SOC Analyst (US Federal) Location: Mclean United States Job Description: Your work days are brighter here. We're obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we're shaping the future of work so teams can reach their potential and focus on what matters most. The minute you join, you'll feel it. Not just in the products we build, but in how we show up for each other. Our culture is rooted in integrity, empathy, and shared enthusiasm. We're in this together, tackling big challenges with bold ideas and genuine care. We look for curious minds and courageous collaborators who bring sun-drenched optimism and drive. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, you'll do meaningful work with Workmates who've got your back. In return, we'll give you the trust to take risks, the tools to grow, the skills to develop and the support of a company invested in you for the long haul. So, if you want to inspire a brighter work day for everyone, including yourself, you've found a match in Workday, and we hope to be a match for you too. About the Team Your work matters here. At Workday Government, we focus on outcomes that serve a larger mission. Our work supports U.S. federal agencies as they modernize and transform the full employee lifecycle experience and finance operations-so they can operate with greater clarity, accountability, and trust. As a Fortune 500 company and a proven enterprise cloud platform, Workday brings modern technology, responsible AI, and secure infrastructure to some of the most complex environments in the world. The work isn't theoretical. It's operational. It's high-impact. And it demands rigor, integrity, and long-term thinking. From day one, you'll be part of a team that values collaboration, follow-through, and doing the right thing-especially when the stakes are high. Our culture is grounded in integrity, respect, and shared responsibility. We challenge each other to think clearly, act thoughtfully, and build solutions that stand up to real-world demands. Here, curiosity is matched with accountability. Ambition is paired with trust. You'll have the space to do your best work, the support to keep growing, and the backing of a company committed to long-term investment in both its people and the federal mission. If you're looking to apply your experience to meaningful, mission-driven work-alongside colleagues who take pride in building things that last-you'll find that opportunity at Workday About the Role This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native). The SOC Senior Analyst serves as a senior technical expert responsible for handling the most complex security incidents. You will lead deep-dive investigations, coordinate containment and remediation strategies, and support post-incident analysis. You will work closely with Detection Engineering, Threat Intelligence, and Red/Purple Teams to improve detection coverage and operational effectiveness. This role also contributes to advanced threat hunting, detection development, and SOC capability enhancements. Senior analysts frequently serve as key personnel during major events and provide technical briefings to leadership. About You This role may require a security clearance at the TS/SCI w/CI Poly level. Applicants must have the ability to obtain and maintain a U.S. government issued security clearance. An active TS/SCI w/CI Poly is preferred Basic Qualifications 8+ years of experience in cybersecurity operations, threat detection, or incident response Advanced experience with Splunk, including correlation searches and data model usage Deep knowledge of network, endpoint, and cloud attack techniques Experience leading complex incident investigations Bachelor's degree in Cybersecurity, Engineering, or equivalent experience Other Qualifications Strong understanding of advanced persistent threat methodologies Experience developing detection logic and analytics Experience leveraging SOAR automation platforms Ability to serve as technical lead during major incidents Experience working in classified or air-gapped environments preferred Excellent executive-level communication skills Relevant advanced certifications such as CISSP, GCIA, GCED, GCIH, or equivalent Workday Pay Transparency Statement The annualized base salary ranges for the primary location and any additional locations are listed below. Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate's compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding Workday's comprehensive benefits, please click here. Primary Location: USA.VA.McLean (Tyson's Corner) Primary Location Base Pay Range: $159,600 USD - $239,400 USD Additional US Location(s) Base Pay Range: $144,400 USD - $258,000 USD Our Approach to Flexible Work With Flex Work, we're combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter. Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records. Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans. At Workday, we are committed to providing an accessible and inclusive hiring experience where all candidates can fully demonstrate their skills. If you require assistance or an accommodation at any point, please email accommodations@workday.com. Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process! At Workday, we value our candidates' privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers. Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not. In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.

• Independently manage day-to-day security operations (SecOps/SOC), including threat monitoring and incident triage with intense urgency. • Conduct systematic reviews of system logs and alerts using Wiz and Datadog to uncover root causes and solve for underlying vulnerabilities. • Use LLMs (like Claude) to interrogate the health of services and automate security-based data analytics at scale. • Navigate hundreds of Kubernetes clusters and disparate data sources to find the "signal in the noise" using SQL and Boolean logic. • Build and implement security controls and automated responses within the AWS ecosystem using Python, Go, or TypeScript. • Convey technical findings and forensic research concisely to engineering and product teams with clear, actionable remediation steps. • Own the execution of recurring compliance tasks and documentation, ensuring all security deliverables are error-free and meet regulatory standards. • Identify opportunities to automate manual security checks, moving the team toward a more proactive security engineering model over time.