Senior Information Security Specialist (IRC269151)

Job Description

· 7 to 10 years of experience in Information Security, specializing in modern SIEM platforms, including end-to-end implementation, configuration, maintenance, and ongoing assessment in mid-scale and large-scale enterprise environments.

· Strong knowledge of KQL, SPL or UDM schema and YARA-L rules.

· Experience ingesting and parsing logs from EDR, firewalls, cloud services, and applications.

· Familiarity with threat hunting methodologies and MITRE ATT&CK framework.

· Experience working in cloud environments (Google Cloud, AWS, Azure).

· Solid understanding of security monitoring, log analysis, detection engineering, and incident response.

· Strong communication skills with the ability to explain technical concepts to both technical and non-technical audiences.

· Ability to learn and adapt quickly in fast-paced environments with evolving tools and requirements.

· Familiarity or working knowledge of Google SecOps is a strong advantage.

· Strong experience in building and maintaining security reports and tracking key performance Indicators (KIPs) to support operational efficiency and decision-making.

Job Responsibilities

· Act as a trusted security advisor to clients, providing guidance on improving their overall security posture and aligning operations with industry best practices on the backend.

· Leverage hands-on experience with various SIEM platforms (e.g., Microsoft Sentinel, Splunk) to support detection use cases, alert tuning, and incident investigations.

· Learn and adapt quickly to new platforms and tools, including Google SecOps (prior knowledge is beneficial but not mandatory)

· If familiar with Google SecOps, assist in areas such as design and implementing Google SecOps platform for enterprise-level security.

· Ingest and normalize data from diverse sources into Google SecOps using UDM (Unified Data Model).

· Develop, test, and optimize detection rules.

· Collaborate with internal and external teams to create and optimize custom parsers.

· Integrate Google SecOps with third-party security tools (EDR, NDR, SIEMs, SOARs, threat intel feeds).

· Identify gaps and recommend practical improvements to enhance scalability, security, and overall effectiveness.

· Assess existing automation workflows and incident response playbooks.

· Propose optimizations to increase operational efficiency and reduce response times.

· Conduct threat hunting, triage alerts, and support incident response efforts using Google SecOps.

· Stay up to date with the Google SecOps feature updates, security threats, and best practices.

· Provide training and documentation to SOC and IT teams on Google SecOps usage and playbooks.

Department/Project Description

We are looking for a highly technical and client-focused Senior Information Security Specialist to join our growing Information Security team. This is a hands-on role that requires strong security operations expertise, experience with modern SIEM platforms, and the ability to engage with clients as a trusted security advisor.

Broad experience with SIEM platforms such as Microsoft Sentinel, Splunk, and other tools is essential. Familiarity with emerging technologies like Google SecOps and SOAR is a plus (training will be provided as needed). We're looking for someone who can adapt quickly, manage client expectations effectively, and contribute meaningfully to complex, dynamic environments.

You will work closely with SOC Analysts, SOAR Engineers, and Solutions Engineers to align security operations with industry standards and client-specific requirements.

Position is open onsite or hybrid in Krakow, Poland