Threat Detection and Response SpecialistVerified as a real position
- Posted
- Employment type
- Full-time
Who we’re looking for
- 3–6 years of experience in the field of cybersecurity (consulting experience not mandatory).
- Practical hands-on experience in at least one of the following areas: SIEM (preferably Splunk), Threat Hunting, Incident Response, Detection Engineering.
- Ability to independently analyze data, draw conclusions, and prepare technical outputs.
- Capable of presenting work results to clients (you don’t need to be a showman, but clear communication is essential).
- Proficient in English at a working level (B2+); Czech is an advantage.
- Structured thinking with the ability to break down problems into parts and design a plan of action.
- Willingness to work in a hybrid model: combining technical work, client interaction, and documentation
What you’ll do
- Engage in hands-on work with SIEM (primarily Splunk, secondarily Microsoft Sentinel) including configuration, optimization, and troubleshooting.
- Develop and refine detection rules/use cases based on threat landscapes and client requirements.
- Conduct threat hunting activities by proactively searching for threats within client environments.
- Support incident response processes, including analyzing incidents and recommending remediation actions.
- Work with log management architectures, data sources, and log onboarding.
- Assess the maturity of clients' detection and response capabilities.
- Independently lead technical workshops and working sessions with client security teams.
- Present technical findings and recommendations with the ability to translate technical jargon into understandable conclusions.
- Participate in status meetings, discussing scope, priorities, and next steps.
- Build and maintain working relationships with client security teams.
- Prepare high-quality deliverables: assessment reports, solution proposals, recommendations, and roadmaps.
- Compile executive summaries and outline business impacts of technical findings.
- Assist in proposal preparation—providing technical input, labor estimation, and scope definition.
- Contribute to the internal knowledge base and aid in the development of service offerings.
About the position
About the Team For us, SOC is not just a ticket or detections „washing machine “. We perceive incident response as a mandatory part of our services, along with other proactive activities such as: Threat Hunting, Threat Intelligence, Vulnerability Management, as well as post-incident activities like Forensic Analysis and more. Threat Management team consists of cybersecurity professionals focused on prevention of the cyberattacks via detection and responding to cyber threats. The key pillars consist of incident response, threat hunting, threat intelligence, security monitoring, vulnerability management, engineering and consulting services. About your Manager Lubomír has over 10 years of cyber security experience with different projects related to mainly cyber security managed services, building and operating Security Operation Centers (SOC), Threat Hunting & Intelligence and Vulnerability Management. Lubomír is also responsible for team leading, project management, designing of cyber security managed services, creation and development of training plans and is a proven coach to train other team members or client staff. Outside of work, he is involved in teaching, science, and research at the University of Hradec Králové, where he guarantees and teaches the course Surveillance Systems and Forensic Analysis.
Benefits
- Concentrated experience and rapid career growth. It may sound like a platitude, but it really is.
- Flexible working hours.
- Fair salary plus paid overtime and annual bonus.
- Paid time off 20 + 5 days, 3 wellbeing days and 2 extra days off from the company at the end of the year.
- High-end Ultrabook and iPhone with unlimited data.
- Benefit program with 45.000 points that you can use for holidays, education, food vouchers, sports, health... Simply on what you enjoy.
- Support for your education and development: business and digital skills training (e.g. Alteryx, Power BI, Tableau), ongoing training and certification, for example in Microsoft (Azure, PowerApps), project management (Prince2, PMI), service management (ITIL), agile development (Scrum, SAFe), DAMA, Salesforce, coaching and presentation skills and more. We pay for technical certifications and the time you spend studying them.
- Opportunity to work in the future at a foreign PwC office, for example in the USA, Canada and there are others in the selection.
- Extra-work activities and Away Days (team building, etc.).
- Regular feedback on your work, also consultation with a coach with whom you can address your further development and career direction.
