Advanced Security Operation Engineer – Log Management / SIEM

We are a global cybersecurity team, providing top-tier cybersecurity solutions to our customers. Our Czech office consists of 32 security professionals who deliver operations of various security services such as Log Management, EDR, IAM, PAM, and Vulnerability management. We are dedicated to maintaining and providing solutions of the highest security standards to our customers.

Job Summary
We are looking for a Security Operations Engineer to join our Log Management team within the Cybersecurity Services. You will be part of a dynamic team responsible for managing our internal enterprise SIEM and multiple customer service implementations on-premise and in the cloud. Your role involves ensuring the stability of log management services, troubleshooting operational issues, regular KPI reporting, contributing to continuous improvement, and supporting security projects.

Key Responsibilities

• Daily maintenance of on-premise log management servers and SIEM platforms (LogPoint, Microsoft Sentinel, Syslog Relays …).
• Configure log sources and manage log collection processes.

• Troubleshoot issues related to log reception, log forwarding, and platform operations.

• Collaborate with system vendors for platform support and issue resolution.

• Perform software upgrades, updates, and patches.

• Handle customer and internal service requests following ITIL standards.

• Conduct periodic reporting based on SLA requirements.

• Collaborate with other cybersecurity teams or stakeholders

• Develop and refine custom searches, alert rules, dashboards, and reports.

• Drive improvements through automation, optimization, and implementation of changes.

• Create and maintain service documentation; participate in document reviews and project handovers.

• Monitor and enhance cybersecurity metrics to ensure compliance with internal policies and regulatory requirements.

Qualifications
We are looking for candidates who are passionate about IT with a strong background in SIEM/Log Management operations or projects. Your sharp analytical mindset, proactive approach, and experience in cybersecurity are essential for this role.

• SIEM and Log Management Expertise: Demonstrated experience with large-scale SIEM environments and log management platforms such as LogPoint, Microsoft Sentinel, Splunk, or Elastic. Proven ability to configure, optimize, and manage these systems in a complex, multi-vendor environment.
• Cybersecurity Experience: At least 3 years of hands-on experience in cybersecurity roles, particularly in security operations, log management, and incident response.
• Understanding of Cybersecurity Principles: Familiarity with key cybersecurity concepts such as confidentiality, integrity, availability, threat actors, and common attack vectors.
• IT Infrastructure Knowledge: Understanding of IT infrastructure components, including servers, operating systems, and databases.
• Incident Response and Compliance: Experience with incident response, change control processes, and understanding of Compliance and Regulatory Requirements like GDPR, NIS2 as they relate to logging and monitoring.
• working knowledge of security-relevant data, including network protocols and services such as TCP/IP, HTTP/S, DNS, FTP, SMTP, and Active Directory.
• Ability to approach problems systematically and critically assess issues to find logical solutions and manage tasks effectively, balancing routine activities with critical incidents.
• Effective communication skills in English, both written and verbal

Preferred skills

• Scripting and Automation Skills: Proficiency in scripting languages like Python or PowerShell for automation, data analysis, and tool integration.
• Familiarity with security frameworks such as NIST, CIS, ISO 27001, or MITRE ATT&CK to guide security operations best practices.
• Knowledge of networking technologies (e.g., Cisco Switches, Routers, Firewalls) and security-relevant data, including log records and alerts from various data sources (IDS/IPS, AV, HIDS/HIPS).
• Experience integrating solutions in a multi-vendor environment.
• Bachelor’s degree in engineering, computer science, information security, or information systems, or relevant certifications, such as CompTia Security , CompTia Network , SC-200, CISSP are highly desirable.
• ITIL certification

Employee benefits

• 6 weeks of paid time off per year
• 5 sick days per year
• Flexible working hours
• Possibility to work from home
• Flexible cafeteria account for leisure (18,000 CZK per year) allowing you to use points for MultiSport, public transport tickets, or contribute to your pension savings
• Meal vouchers in the amount of 200 CZK per workday (Aeven covers 55%)
• Referral bonus (20,000 – 60,000 CZK)
• Free snacks on Mondays and monthly get-togethers
• Free fruits and vegetables every day
• Height-adjustable tables
• Co-working offices in Ostrava and Brno
• Czech language lessons
• Annual flu vaccination for free

Department:

Lokation: Prague