Senior Security Operations (SOC) Engineer/Analyst

At SolarWinds, we’re a people-first company. Our purpose is to enrich the lives of the people we serve—including our employees, customers, shareholders, partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions. The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We’re looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you’re looking to build your career with an exceptional team, you’ve come to the right place. Join SolarWinds and grow with us! We work in a hybrid mode 3+2 , with a minimum of 3 days at the office (with mandatory Tuesdays and Wednesdays) and a maximum of 2 days at the home office. The location of our office is Holandská 873/6, Brno – Štýřice, 639 00 . We employ only via an employment contract – full-time employment (HPP). Role Overview We are seeking a Senior Security Operations Engineer to serve as a technical lead within our growing Information Security team. This is a high-impact, hands-on role requiring a deep understanding of enterprise security architecture and the ability to navigate complex incident response scenarios. The Senior SOC Engineer will go beyond basic alert monitoring to drive threat hunting initiatives, security automation (SOAR), and the continuous refinement of our detection capabilities. You will act as an escalation point for junior analysts and a strategic partner to our IT and Engineering teams to ensure our security posture evolves alongside the threat landscape. Key Responsibilities Advanced Incident Response: Lead Tier 3 investigations and serve as the Incident Commander for high-severity security breaches; conduct deep-dive forensics and root cause analysis. Threat Hunting Intelligence: Proactively identify hidden threats within the environment using MITRE ATTCK® frameworks; pivot from internal telemetry to external threat intelligence to anticipate attacks. Automation Orchestration: Design and implement automated response playbooks (SOAR) to reduce Mean Time to Respond (MTTR) and eliminate repetitive manual tasks. Detection Engineering: Author and tune sophisticated detection logic across SIEM, EDR, and Cloud native security tools (AWS/Azure/GCP) with a focus on aligning detection and response to business practices and to reduce false positives. Strategic Mentorship: Act as a technical mentor to junior and mid-level analysts; lead tabletop exercises and knowledge-sharing sessions to level up the team’s capabilities. Architecture Collaboration: Partner with Security Architecture and DevOps to integrate security logging and monitoring into CI/CD pipelines and cloud infrastructure. Reporting Governance: Translate complex technical findings into actionable executive summaries; track SOC metrics (True Positive rates, dwell time) to demonstrate program maturity.Required Qualifications Experience: Minimum 5–7 years of dedicated experience in Security Operations, Incident Response, or Threat Hunting in a large-scale enterprise. Technical Depth: Mastery of SIEM platforms (e.g. Sentinel, Google SecOps) and EDR/XDR solutions (e.g. Sentinel One, Defender for Endpoint, SecureWorks). Cloud Fluency: Proven experience securing and monitoring cloud environments (AWS, Azure, or GCP) and understanding container security (Kubernetes/Docker). Forensics Analysis: Deep knowledge of memory forensics, network traffic analysis (PCAP), and malware sandboxing. Scripting: Proficiency in YARA-L, Python, PowerShell, or Bash for automating security workflows and data analysis. Framework Knowledge: Strong command of NIST CSF, MITRE ATTCK, and ISO 27001. Soft Skills: ... (truncated, view full listing at source)