In the role of a Security Operations Specialist, your primary responsibility is to ensure a prompt response to incidents. In addition, you will be responsible for developing new detection logic for our SIEM and, more broadly, helping promote a strong security culture across the company. You will work closely with engineering, product, operations, and internal penetrations teams.
All specialists contribute to the development of detection logic for our systems through a internally developed, structured workflow aligned with standard procedures and a detection-as-code framework.
Clear and accurate documentation of detection logic and playbooks is a critical part of our work. Applicants are therefore expected to have well-defined skills in documenting their work.
Key Responsibilities:
Incident detection, analysis, and response
SIEM detection engineering and alert tuning
Linux system hardening and security monitoring
Network traffic analysis and security monitoring
Security documentation, playbooks, and procedures
Threat modelling
Risk management
Bonus:
Automation and scripting (CI/CD workflows)
Endpoint security (EDR/XDR)
Must-haves:
IT security background (security related education or experience)
2+ years experience working in a Security Operations Cetner
Has a strong interest in emerging threats and technologies within cybersecurity.
Experience working with incident response and SIEM solutions
Experience developing detection logic
Experience working in Linux environments
Speaks and writes English
Finally, and most importantly, you need to be curious and willing to adapt and learn about new and/or proprietary systems to truly succeed in this role.
Our platform provides customers with an immutable, historical archive of their data in systems such as Microsoft 365, Google Workspace, Salesforce, Entra ID, Dynamics 365, and Zendesk.
We protect our customers against everything, ranging from ransomware to simple accidents.
The majority of our back-end components are written in clean, modern C++ using mainly purpose-built components. Components responsible for business processes and data mining are built using Common Lisp. Everything runs on Linux.
We pride ourselves on backing up billions of objects over foreign APIs using imperfect networks on systems with finite memory and making it all happen in a performant, reliable, and predictable way.
Official employment – Umowa o pracę contract
4 additional working days of vacation leave per full calendar year
3 days of internal sick leave without a doctor`s note
Health and Life Insurance
Employee Capital Plan (PPK)
Multisport card compensation
Coverage of professional training sessions, meetups, etc.
English-speaking club with native speakers
Polish language classes
Internet and Glasses reimbursement
Cosy office in Krakow city centre (Długa, 72) with beverages, fruit, and cookies
Winter and summer parties, events, team-buildings
We kindly ask you not to provide us with any sensitive categories of personal data when applying for a job with us. When applying for the vacancy, Keepit will process your personal data, and therefore we recommend that you also read our privacy policy, which describes our processing of personal data and your rights as a data subject.
If you notice any misconduct or irregularities that fall within the scope of our whistleblowing procedure, please click here to report them.
Streamline your #SaaS backup & recovery with Keepit. 20+ years of providing dedicated data protection, ensuring companies protect and manage SaaS data at scale.
Keepit protects your cloud data and leaves you free to leverage new cloud technologies without fear of data loss. Simple to set up and deploy, with the best restore options available so you can find and recover historic data in no time.
The Keepit platform is ready for any Cloud Workload and offers full retention on your terms – from one year to eternity. Born with indexing and search to ensure you always have the complete view of your data.
