This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This role involves strengthening our internal infrastructure and helping automate key security workflows.

• Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR)
• Lead Incident Response - serve as primary responder to security alerts, perform initial triage, conduct investigations, and coordinate remediation
• Enhance Detection Capabilities - design, implement, and fine-tune detection rules and alerts across cloud environments
• Conduct endpoint, network, and application log analysis to identify suspicious activity
• Collaborate with IT, DevOps, and Compliance teams to enforce security standards and best practices
• Assist in improving incident response processes, playbooks, and operational practices
• Stay informed about emerging cybersecurity threats, trends, and industry developments
• Deploy and manage MDM/UEM solutions (Jamf, Jumpcloud) across all endpoints
• Advocate for best practices in IT and change management to strengthen security posture
• Define and enforce security policies for workstations (passwords, encryption, restrictions, app controls)
• Perform regular audits and compliance checks aligned with corporate standards
• Monitor device health and security compliance, respond to related alerts
• Coordinate patching and updates on endpoints through MDM
• Conduct inventory and asset tracking, including remote wipe and lock management
• Provide endpoint security reporting and metrics to IT leadership and compliance
• Collaborate with incident response teams on mobile endpoint incidents

Qualifications

• 3+ years in IT Operations, System Administration, or related roles
• Experience in security threat analysis or incident response, ideally within a SOC
• Proven experience responding to and managing incidents in cloud environments (AWS, Azure, GCP) and SaaS services (Google Workspace, Atlassian)
• Proficiency with SIEM platforms, including rule creation, tuning, and maintenance
• Strong knowledge of cloud security monitoring tools and techniques
• Understanding of network infrastructure
• Experience analyzing endpoint, network, and application logs for anomalies
• Practical understanding of common attack vectors and how to detect them
• Experience with security automation and scripting for incident response workflows
• Understanding of IT system architecture, network design, and IT/change management processes
• Experience with virtualization technologies
• Familiarity with identity management
• Proficiency in platforms used for information security investigations and triage

Requirements

• Experience with cloud-native security tools and services
• Familiarity with scripting or automation (PowerShell, Bash, Python)
• Experience with endpoint detection solutions and email security technologies
• Knowledge of IT security audit techniques

Benefits

• A competitive salary
• Remote work format or a modern office in Warsaw and/or Kyiv
• Flexible working hours
• An incredibly friendly team where everyone is ready to share knowledge, help, and support
• 24 working days of paid annual vacation
• Paid sick leave
• Health insurance (available for specialists based in Ukraine; other countries — in progress)
• Zero joules of energy to the aggressor state, its affiliated businesses, or partners
• Conference and business travel expenses covered (where applicable)
• Birthday greetings (because you matter!)
• Online and offline teambuilding events
• Corporate celebrations