We are looking for an Infrastructure SecOps Analyst to act as the first point of contact for IT infrastructure security alerts from IDS and IPS tools, as well as providing monitoring and support functions for IT infrastructures. You'll be part of a cross-functional team that's responsible for the security, availability and good functioning of the systems and services. As an Infrastructure SecOps Analyst, you should be able to produce clear and comprehensive documentation based on the analyses you perform across various security cases and reports, including your conclusions, findings and recommendations for improving system security. You should also be a team player with a knack for preventing security incidents and maintaining operational services.
Responsibilities
- Triage and investigate SIEM alerts and service health alerts (e.g., from SCOM, Azure Monitor) within defined SLAs, using structured workflows and escalation protocols
- Perform in-depth analysis of incidents escalated from Tier 1, determining impact, scope and severity based on contextual log correlation and system/user behaviour
- Contact users or asset owners (as needed) to gather context, confirm suspicious activity, or initiate response steps, using official communication channels and timelines
- Execute initial containment and remediation actions such as host isolation, user account lockdowns, or firewall rule updates, based on alert type and criticality
- Escalate complex or ambiguous incidents to Tier 3 with complete investigation context, artifacts, and documented evidence
- Respond to client or stakeholder queries within SLA using Teams, email or ticketing systems, ensuring traceable and professional communication
- Take ownership of assigned incidents from triage to closure, documenting all investigation steps, decisions, indicators, response actions and final resolution
- Apply appropriate classification to each alert or incident, following taxonomy and closure guidelines
- Identify and report recurring false positives, benign positives or detection gaps to senior analysts or engineering for potential tuning, suppression, or automation
- Provide input to improve detection rules and playbooks by flagging alert noise, detection gaps or process inefficiencies observed during investigations
- Assist in cross-case correlation efforts by linking related activity across systems, hosts or users that may indicate larger attack campaigns
- Participate in the testing and implementation of new tools, features or integrations; validate their behaviour in live environments as part of internal projects
- Perform cleanup and hygiene tasks across tools and ticketing systems, including queue management, alert deduplication or suppression handling as delegated
- Work with engineering or senior staff to troubleshoot minor tool issues, validate data sources and provide operational feedback for improvements
- Maintain up-to-date documentation of recurring issues, workarounds and investigation patterns that help improve team knowledge and efficiency
- Follow all internal policies, compliance requirements and operational procedures as defined by SOC governance
- Carry out any additional tasks assigned by senior analysts or SOC leadership in support of continuous improvement, coverage or client satisfaction
- Consistently meet all defined SOC KPIs and SLAs to ensure reliable, high-quality operational performance
- Maintain full adherence to internal SOC policies, procedures and compliance requirements
- Support SOC and IT teams proactively, delivering at least one meaningful improvement to a security tool, detection, or workflow
- Continuously monitor Microsoft Defender Threat Analytics and other internal threat intelligence platforms to stay informed on active campaigns and trends
- Contribute to the SOC Knowledge Base by regularly updating, creating or archiving documentation to ensure accuracy and relevance
- Strengthen technical expertise by completing one cybersecurity-related course and earning an intermediate/associate-level certification, as agreed with the SOC Team Lead / SOC Manager
- Develop deep understanding of all security tools and technologies used in the SOC, including hands-on familiarity with their use cases and limitations
- Actively use the organization's learning platform to complete relevant self-study modules focused on SOC technologies and operations
- Stay current on emerging threats, vulnerabilities, and campaigns by subscribing to cybersecurity newsletters, RSS feeds, and vendor updates
Qualifications
- Strong knowledge of networking: TCP/IP and routing protocols
- Knowledge of Microsoft Server and adjacent products, including Microsoft Windows OS and Server, Microsoft Exchange Online, Azure Cloud environment, Microsoft 365 services, Defender Suite, Intune, Conditional Access
- Microsoft Office Suite skills, with proficiency especially in Word, Outlook and Excel
We are also accepting CVs by e-mail, at people@modular.support.