Senior Security Operations (SOC) Engineer/Analyst

SolarWinds · Krakow, Poland
Full-time · On-site · 1w ago
Skills: AWS · Azure · Bash · CI/CD · Cloud Security · Data Analysis


Responsibilities

  • Advanced Incident Response: Lead Tier 3 investigations and serve as the Incident Commander for high-severity security breaches; conduct deep-dive forensics and root cause analysis.
  • Threat Hunting & Intelligence: Proactively identify hidden threats within the environment using MITRE ATT&CK® frameworks; pivot from internal telemetry to external threat intelligence to anticipate attacks.
  • Automation & Orchestration: Design and implement automated response playbooks (SOAR) to reduce Mean Time to Respond (MTTR) and eliminate repetitive manual tasks.
  • Detection Engineering: Author and tune sophisticated detection logic across SIEM, EDR, and Cloud native security tools (AWS/Azure/GCP) with a focus on aligning detection and response to business practices and to reduce false positives.
  • Strategic Mentorship: Act as a technical mentor to junior and mid-level analysts; lead tabletop exercises and knowledge-sharing sessions to level up the team's capabilities.
  • Architecture Collaboration: Partner with Security Architecture and DevOps to integrate security logging and monitoring into CI/CD pipelines and cloud infrastructure.
  • Reporting & Governance: Translate complex technical findings into actionable executive summaries; track SOC metrics (True Positive rates, dwell time) to demonstrate program maturity.

Requirements

  • Experience: Minimum 5-7 years of dedicated experience in Security Operations, Incident Response, or Threat Hunting in a large-scale enterprise.
  • Technical Depth: Mastery of SIEM platforms (e.g. Sentinel, Google SecOps) and EDR/XDR solutions (e.g. Sentinel One, Defender for Endpoint, SecureWorks).
  • Cloud Fluency: Proven experience securing and monitoring cloud environments (AWS, Azure, or GCP) and understanding container security (Kubernetes/Docker).
  • Forensics & Analysis: Deep knowledge of memory forensics, network traffic analysis (PCAP), and malware sandboxing.
  • Scripting: Proficiency in YARA-L, Python, PowerShell, or Bash for automating security workflows and data analysis.
  • Framework Knowledge: Strong command of NIST CSF, MITRE ATT&CK, and ISO 27001.
  • Soft Skills: Exceptional ability to remain calm under pressure during active incidents and communicate risk clearly to non-technical stakeholders.

Preferred Qualifications & Certifications

  • Professional Certifications: CISSP, GCIA, GCIH, GCFA, or specialized cloud security certifications (CCSP, AWS Certified Security, Security+).
  • Offensive Mindset: Familiarity with penetration testing methodologies or "Purple Teaming" to better understand attacker TTPs.
  • Education: Bachelor's or Master's degree in Cybersecurity, Computer Science, or equivalent work experience.
  • Advocacy: A proven track record of promoting security as a business enabler and building a "security-first" culture across the organization.

Benefits

  • 10 study days per year
  • 2 volunteering days per year
  • 30-day holidays after 5-year tenure, Sabbatical Leave
  • 4 weeks of paternity leave
  • Up to 8700 PLN personal education budget per year
  • 300 PLN corrective glasses reimbursement every two years
  • Medical care with Luxmed - individual, partner, or family package fully covered

Additional Information

At SolarWinds, we're a people-first company. Our purpose is to enrich the lives of the people we serve, including our employees, customers, shareholders, partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions. The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We're looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you're looking to build your career with an exceptional team, you've come to the right place. Join SolarWinds and grow with us!

We work in hybrid mode (3+2): at least 3 days at the office (with mandatory Wednesdays and Thursdays) and 2 days at the home office. The location of our office is Puszkarska 7J/Building E, 30-644 Kraków, Poland. We employ only via an employment contract (FTE).

Role Overview

We are seeking a Senior Security Operations Engineer to serve as a technical lead within our growing Information Security team. This is a high-impact, hands-on role requiring a deep understanding of enterprise security architecture and the ability to navigate complex incident response scenarios. The Senior SOC Engineer will go beyond basic alert monitoring to drive threat hunting initiatives, security automation (SOAR), and the continuous refinement of our detection capabilities. You will act as an escalation point for junior analysts and a strategic partner to our IT and Engineering teams to ensure our security posture evolves alongside the threat landscape.
