Security Operations Specialist

<h5>About the role</h5><p><span>In the role of a Security Operations Specialist, your primary responsibility is to ensure a prompt response to incidents. In addition, you will be responsible for developing new detection logic for our SIEM and, more broadly, helping promote a strong security culture across the company. You will work closely with engineering, product, operations, and internal penetrations teams.</span></p><p><span>All specialists contribute to the development of detection logic for our systems through a internally developed, structured workflow aligned with standard procedures and a detection-as-code framework.</span></p><p><span>Clear and accurate documentation of detection logic and playbooks is a critical part of our work. Applicants are therefore expected to have well-defined skills in documenting their work.</span></p><p><strong>Key Responsibilities:</strong></p><ul><li><p>Incident detection, analysis, and response</p></li><li><p><span>SIEM detection engineering and alert tuning</span></p></li><li><p>Linux system hardening and security monitoring</p></li><li><p>Network traffic analysis and security monitoring</p></li><li><p>Security documentation, playbooks, and procedures</p></li><li><p>Threat modelling</p></li><li><p>Risk management</p></li></ul><p><span><strong>Bonus:</strong></span></p><div><ul><li><p style="text-align:left;"><span>Automation and scripting (CI/CD workflows)</span></p></li><li><p style="text-align:left;"><span>Endpoint security (EDR/XDR)</span></p></li></ul></div><h5>About you</h5><p><strong>Must-haves:</strong></p><ul><li><p>IT security background (security related education or experience)</p></li><li><p>2+ years experience working in a Security Operations Cetner</p></li><li><p>Has a strong interest in emerging threats and technologies within cybersecurity.</p></li><li><p>Experience working with incident response and SIEM solutions</p></li><li><p>Experience developing detection logic</p></li><li><p>Experience working in Linux environments</p></li><li><p>Speaks and writes English</p></li></ul><p><span>Finally, and most importantly, you need to be curious and willing to adapt and learn about new and/or proprietary systems to truly succeed in this role.&nbsp;</span></p><h5>About us</h5><p>Our platform provides customers with an immutable, historical archive of their data in systems such as Microsoft 365, Google Workspace, Salesforce, Entra ID, Dynamics 365, and Zendesk.</p><p>We protect our customers against everything, ranging from ransomware to simple accidents.</p><p>The majority of our back-end components are written in clean, modern C++ using mainly purpose-built components. Components responsible for business processes and data mining are built using Common Lisp. Everything runs on Linux.</p><p>We pride ourselves on backing up billions of objects over foreign APIs using imperfect networks on systems with finite memory and making it all happen in a performant, reliable, and predictable way.</p><p><strong>As we collaborate across locations, English is our primary language. Please submit your CV in English to support the review process.</strong></p><h5>We offer:</h5><ul><li><p>Official employment – Umowa o pracę contract</p></li><li><p>4 additional working days of vacation leave per full calendar year </p></li><li><p>3 days of internal sick leave without a doctor`s note </p></li><li><p>Health and Life Insurance</p></li><li><p>Employee Capital Plan (PPK)  </p></li><li><p>Multisport card compensation  </p></li><li><p>Coverage of professional training sessions, meetups, etc.</p></li><li><p>English-speaking club with native speakers </p></li><li><p>Polish language classes</p></li><li><p>Internet and Glasses reimbursement</p></li><li><p>Cosy office in Krakow city centre (Długa, 72) with beverages, fruit, and cookies </p></li><li><p>Winter and summer parties, events, team-buildings </p></li></ul><p><em>We kindly ask you not to provide us with any sensitive categories of personal data when applying for a job with us.</em> <em>When applying for the vacancy, Keepit will process your personal data, and therefore we recommend that you also&nbsp;</em><strong><em>read our&nbsp;</em></strong><a target="_blank" href="https://www.keepit.com/job-applicant-privacy-policy/"><strong><em>privacy policy</em></strong></a><em>, which describes our processing of personal data and your rights as a data subject.</em><br></p><p><em>If you notice any misconduct or irregularities that fall within the scope of our whistleblowing procedure, please click </em><a target="_blank" id="menur96o" href="https://keepit.integrityline.com/"><em>here</em></a><em> to report them.</em></p>