Senior Security Operations (SOC) Engineer/Analyst

SolarWinds is a company focused on providing secure solutions to accelerate business transformation. The role is based in Krakow, Poland, at the SolarWinds office located at Puszkarska 7J/Building E, 30-644 Kraków, Polska. The position is within the Information Security team, specifically in the G&A - IT Security cost center.

• Minimum 5–7 years of experience in Security Operations, Incident Response, or Threat Hunting in a large-scale enterprise.
• Mastery of SIEM platforms (e.g., Sentinel, Google SecOps) and EDR/XDR solutions (e.g., Sentinel One, Defender for Endpoint, SecureWorks).
• Proven experience securing and monitoring cloud environments (AWS, Azure, or GCP) and understanding container security (Kubernetes/Docker).
• Deep knowledge of memory forensics, network traffic analysis (PCAP), and malware sandboxing.
• Proficiency in YARA-L, Python, PowerShell, or Bash for automating security workflows and data analysis.
• Strong command of NIST CSF, MITRE ATT&CK, and ISO 27001 frameworks.
• Ability to remain calm under pressure and communicate risk clearly to non-technical stakeholders.

Preferred Qualifications & Certifications:

• Professional certifications such as CISSP, GCIA, GCIH, GCFA, or specialized cloud security certifications (CCSP, AWS Certified Security, Security +).
• Familiarity with penetration testing methodologies or "Purple Teaming".
• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or equivalent experience.
• Proven track record of promoting security as a business enabler and building a "security-first" culture.

• Lead Tier 3 investigations and serve as Incident Commander for high-severity security breaches; conduct deep-dive forensics and root cause analysis.
• Proactively identify hidden threats using MITRE ATT&CK® frameworks and external threat intelligence.
• Design and implement automated response playbooks (SOAR) to reduce Mean Time to Respond (MTTR).
• Author and tune detection logic across SIEM, EDR, and cloud-native security tools (AWS/Azure/GCP).
• Act as a technical mentor to junior and mid-level analysts; lead tabletop exercises and knowledge-sharing sessions.
• Partner with Security Architecture and DevOps to integrate security logging and monitoring into CI/CD pipelines and cloud infrastructure.
• Translate complex technical findings into executive summaries; track SOC metrics to demonstrate program maturity.

SolarWinds is an Equal Employment Opportunity Employer and considers all qualified applicants without regard to protected characteristics. Employment is only via an employment contract (FTE). The role requires working in hybrid mode with at least 3 days in the office (mandatory Wednesdays and Thursdays) and 2 days remote.