
Senior Security Incident Analyst Prague, Czech Republic


EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

DESCRIPTION


We are looking for a Security Incident Analyst to help protect our critical assets against any cyber threat.

Our Security Incident Analysts will monitor networks and systems, detect security threats, respond to Information Security Incidents, and help maintain our security posture. They are specialists in analytics, threat hunting, and containment.

Most of the time they will work during core business hours, but they will also regularly be on call outside of business hours and on weekends.

Responsibilities

  • You’ll monitor our systems for security threats and identify, analyze, and respond to Security Incidents
  • You’ll support the mitigation of detected zero-day vulnerabilities to maintain our high-security standard
  • You will build and maintain our capability to enable a data- and intelligence-driven approach to defensive security operations and grow your expertise by training and owning incident response activities
  • You’ll respond to Information Security Incidents by developing and maintaining our incident response playbooks and providing recommendations for other necessary documentation, such as standard operating procedures

Requirements

  • You have 4+ years of working experience as a SOC Analyst or a Security Incident Analyst, responding independently to incidents in a 24/7 on-call setup
  • You have the ability to size up a situation, assess the effectiveness of various mitigation tactics, and make rapid decisions on appropriate incident response actions
  • You have experience in security monitoring, detection, and analysis methodologies and technologies, including network-based intrusion detection systems, endpoint and extended detection and response solutions (EDR/XDR), web application and network firewalls, and SIEM systems
  • You can demonstrate working knowledge of protecting assets in the cloud and working with Kubernetes on AWS. Preferably, you have gained experience with AWS native security tools
  • You have a deep understanding of the MITRE ATT&CK Framework, the Cyber Kill Chain, and NIST. You also know about analyzing data in databases. Ideally, you have some experience with SQL, Python, Shell scripting, HTML, and JavaScript
  • You have excellent communication skills, verbal and written, and a proven track record for successfully dealing with senior stakeholders

Technologies

  • Mandatory:
    • Exabeam Advanced Analytics and Data Lake (SIEM)
    • Palo Alto Cortex XDR
    • ServiceNow
    • Amazon GuardDuty
  • Nice to have:
    • OpsGenie
    • Google Workspace admin Investigation tool
    • CybelAngel
    • Scalyr
    • Akamai
    • Okta
    • Amazon Detective
    • GitHub
    • Google Workspace admin
    • Active Directory Users and Computers
    • Amazon Virtual Private Cloud
    • Netbox
    • GCP
    • Tenable

We Offer

  • Opportunity to work in a fast-paced, agile, software engineering culture
  • English-speaking environment
  • Unlimited access to LinkedIn learning solutions
  • Comfortable modern offices in Prague 4 or hybrid office
  • Benefit program (5 weeks of vacation, paid sick days, paid days off for special occasions, meal vouchers, flexi pass, Prague city public transport annual coupon, multisport cards, contribution to pension fund, health insurance for family member)
  • English language courses
  • Czech language courses upon request
  • Relocation assistance
  • Rotation program - possibility to relocate for short and long-term projects within 30 countries
  • Referral bonuses for recommended candidates
  • Mobile phone tariff program for managerial-level candidates
  • EPAM Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
  • Some of these benefits may be available only after you have passed your probationary period
