Senior Security Operations (SOC) Engineer/Analyst
at SolarWinds
Brno, Czech Republic
Req ID: 202320
At SolarWinds, we’re a people-first company. Our purpose is to enrich the lives of the people we serve—including our employees, customers, shareholders, partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions.
The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We’re looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you’re looking to build your career with an exceptional team, you’ve come to the right place. Join SolarWinds and grow with us!
We work in a hybrid mode 3+2, with a minimum of 3 days at the office (with mandatory Tuesdays and Wednesdays) and a maximum of 2 days at the home office.
The location of our office is Holandská 873/6, Brno – Štýřice, 639 00.
We employ only via an employment contract – full-time employment (HPP).
Role Overview
We are seeking a Senior Security Operations Engineer to serve as a technical lead within our growing Information Security team. This is a high-impact, hands-on role requiring a deep understanding of enterprise security architecture and the ability to navigate complex incident response scenarios.
The Senior SOC Engineer will go beyond basic alert monitoring to drive threat hunting initiatives, security automation (SOAR), and the continuous refinement of our detection capabilities. You will act as an escalation point for junior analysts and a strategic partner to our IT and Engineering teams to ensure our security posture evolves alongside the threat landscape.
Key Responsibilities
- Advanced Incident Response: Lead Tier 3 investigations and serve as the Incident Commander for high-severity security breaches; conduct deep-dive forensics and root cause analysis.
- Threat Hunting & Intelligence: Proactively identify hidden threats within the environment using MITRE ATT&CK® frameworks; pivot from internal telemetry to external threat intelligence to anticipate attacks.
- Automation & Orchestration: Design and implement automated response playbooks (SOAR) to reduce Mean Time to Respond (MTTR) and eliminate repetitive manual tasks.
- Detection Engineering: Author and tune sophisticated detection logic across SIEM, EDR, and cloud-native security tools (AWS/Azure/GCP), with a focus on aligning detection and response with business practices and reducing false positives.
- Strategic Mentorship: Act as a technical mentor to junior and mid-level analysts; lead tabletop exercises and knowledge-sharing sessions to level up the team’s capabilities.
- Architecture Collaboration: Partner with Security Architecture and DevOps to integrate security logging and monitoring into CI/CD pipelines and cloud infrastructure.
- Reporting & Governance: Translate complex technical findings into actionable executive summaries; track SOC metrics (True Positive rates, dwell time) to demonstrate program maturity.
Required Qualifications
- Experience: Minimum 5–7 years of dedicated experience in Security Operations, Incident Response, or Threat Hunting in a large-scale enterprise.
- Technical Depth: Mastery of SIEM platforms (e.g. Sentinel, Google SecOps) and EDR/XDR solutions (e.g. SentinelOne, Defender for Endpoint, SecureWorks).
- Cloud Fluency: Proven experience securing and monitoring cloud environments (AWS, Azure, or GCP) and understanding container security (Kubernetes/Docker).
- Forensics & Analysis: Deep knowledge of memory forensics, network traffic analysis (PCAP), and malware sandboxing.
- Scripting: Proficiency in YARA-L, Python, PowerShell, or Bash for automating security workflows and data analysis.
- Framework Knowledge: Strong command of NIST CSF, MITRE ATT&CK, and ISO 27001.
- Soft Skills: Exceptional ability to remain calm under pressure during active incidents and communicate risk clearly to non-technical stakeholders.
Preferred Qualifications & Certifications
- Professional Certifications: CISSP, GCIA, GCIH, GCFA, or specialized cloud security certifications (CCSP, AWS Certified Security, Security+).
- Offensive Mindset: Familiarity with penetration testing methodologies or “Purple Teaming” to better understand attacker TTPs.
- Education: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or equivalent work experience.
- Advocacy: A proven track record of promoting security as a business enabler and building a “security-first” culture across the organization.
Our benefits:
- 25 days of vacation per year
- 3 sick days per year
- 10 study days per year
- 2 volunteering days per year
- 4 weeks’ holidays after 5-year tenure, Sabbatical Leave
- Up to 48 300 CZK personal education budget per year
- Pension or life insurance matching donation up to 3% of the salary or 4000 CZK per month
- Cash allowance for meals of 95 CZK per working day
- Unlimited access to LinkedIn Learning
- English/Czech classes
- Multisport card
- Solarian Referral Program
- SolarWinds Appreciation Program
- Giving – Donation Matching
- Employee Assistance
- Competitive Race Reimbursement
- Breakfast on Wednesdays
- Fresh fruits and snacks on Mondays
SolarWinds is an Equal Employment Opportunity Employer. SolarWinds will consider all qualified applicants for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, marital status, disability, veteran status or any other characteristic protected by law.
All applications are treated in accordance with the SolarWinds Privacy Notice: https://www.solarwinds.com/applicant-privacy-notice