Senior Security Operations (SOC) Engineer/AnalystVerified as a real position
- Posted
Who we’re looking for
- Experience: Minimum 5–7 years of dedicated experience in Security Operations, Incident Response, or Threat Hunting in a large-scale enterprise.
- Technical Depth: Mastery of SIEM platforms (e.g. Sentinel, Google SecOps) and EDR/XDR solutions (e.g. Sentinel One, Defender for Endpoint, SecureWorks).
- Cloud Fluency: Proven experience securing and monitoring cloud environments (AWS, Azure, or GCP) and understanding container security (Kubernetes/Docker).
- Forensics & Analysis: Deep knowledge of memory forensics, network traffic analysis (PCAP), and malware sandboxing.
- Scripting: Proficiency in YARA-L, Python, PowerShell, or Bash for automating security workflows and data analysis.
- Framework Knowledge: Strong command of NIST CSF, MITRE ATT&CK, and ISO 27001.
- Soft Skills: Exceptional ability to remain calm under pressure during active incidents and communicate risk clearly to non-technical stakeholders.
What you’ll do
- Advanced Incident Response: Lead Tier 3 investigations and serve as the Incident Commander for high-severity security breaches; conduct deep-dive forensics and root cause analysis.
- Threat Hunting & Intelligence: Proactively identify hidden threats within the environment using MITRE ATT&CK® frameworks; pivot from internal telemetry to external threat intelligence to anticipate attacks.
- Automation & Orchestration: Design and implement automated response playbooks (SOAR) to reduce Mean Time to Respond (MTTR) and eliminate repetitive manual tasks.
- Detection Engineering: Author and tune sophisticated detection logic across SIEM, EDR, and Cloud native security tools (AWS/Azure/GCP) with a focus on aligning detection and response to business practices and to reduce false positives.
- Strategic Mentorship: Act as a technical mentor to junior and mid-level analysts; lead tabletop exercises and knowledge-sharing sessions to level up the team’s capabilities.
- Architecture Collaboration: Partner with Security Architecture and DevOps to integrate security logging and monitoring into CI/CD pipelines and cloud infrastructure.
- Reporting & Governance: Translate complex technical findings into actionable executive summaries; track SOC metrics (True Positive rates, dwell time) to demonstrate program maturity.
About the position
At SolarWinds, we’re a people-first company. Our purpose is to enrich the lives of the people we serve—including our employees, customers, shareholders, partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions. The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We’re looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you’re looking to build your career with an exceptional team, you’ve come to the right place. Join SolarWinds and grow with us!
Benefits
- 25 days of vacation per year
- 3 sick days per year
- 10 study days per year
- 2 volunteering days per year
- 4 weeks’ holidays after 5-year tenure, Sabbatical Leave
- Up to 48 300CZK personal education budget per year
- Pension or life insurance matching donation up to 3% of the salary or 4000 CZK per month
- Cash allowance for meals of 95 CZK per working day
- Unlimited access to LinkedIn Learning
- English/Czech classes
- Multisport card
- Solarian Referral Program
- SolarWinds Appreciation Program
- Giving – Donation Matching
- Employee Assistance
- Competitive Race Reimbursement
- Breakfast on Wednesdays
- Fresh fruits and snacks on Mondays
- On-site gym
- Twice-weekly workout classes at the office
- Once a week yoga sessions at the office
