Telco Network - SOC Architect

Position characteristics

We can offer this position as part time job in case of your interest.

We are looking for a SOC Architect who specializes in Microsoft Sentinel or other SIEM system. This person will develop the detection and automation strategy for Microsoft 365, Azure, and Defender XDR while maintaining hands-on capabilities for creating detections, KQL queries, playbooks, and integrations. This multifaceted role encompasses architecture, design, governance, implementation, and standardization, and is essential for building a SOC ready for 24/7 operations.

The environment includes a mix of vendors, so this is not a purely Microsoft role. The architect will also incorporate integration logic from third-party security technologies.

What will you do here?

• Develop and maintain advanced threat detection scenarios using open-source and vendor-based tools.
• Deploy, configure, and manage security technologies, including SIEM, SOAR, SaST/DaST Tools.
• Automate incident response and security processes using scripting and programming languages such as Python, Bash, PowerShell, and Java.
• Conduct threat research and hunting, leveraging frameworks like MITRE ATT&CK and MITRE Shield.
• Manage and maintain SOC technologies and security processes, ensuring optimal performance and continuous improvement.
• Utilize threat intelligence services, malware sandboxes, and forensic tools to detect and analyze malicious activity.
• Develop, deploy, and manage security automation workflows in SOAR platforms to streamline incident response and SOC operations.
• Develop and implement detection engineering lifecycle tools and methodologies.
• Design and implement use cases, playbooks, and automation scripts for threat detection, enrichment, and response.
• Assess and enhance information security processes, recommending and implementing improvements.
• Collaborate with cross-functional teams to improve security posture and align security strategies with business objectives.

What knowledge and skills do we expect?

• 5+ years of experience in cybersecurity roles such as SOC engineering, incident response, security consulting, penetration testing, or red teaming.
• Strong knowledge of Sentinel SIEM/SOAR, endpoint security, IDS/IPS, firewalls, and network security technologies.
• Experience developing detection logic for SIEM platforms and responding to advanced threats.
• Experience with API integrations to enhance automated security workflows.
• Strong understanding of cloud security controls, including Azure, AWS and SaaS architectures.
• Knowledge of global cybersecurity standards
• Cybersecurity Certifications and Microsoft certifications
• Excellent written communication skills, with the ability to document findings and provide risk-based remediation recommendations.
• Minimum English B2 and fluent Czech language

NICE TO HAVE

• Experience with multiple SIEM (Splunk, QRadar, Elastic) or SOAR platforms.

And we offer you

• We currently work in a roughly 3 days from home, 2 days in the office mode,
• Here, we address each other informally and aren’t really bothered about a dress code… It suits us all just fine, and we hope you’ll feel good among us too.
• Annual bonus
• We keep up with the times or even a step ahead, so with us you can enjoy 5 weeks of vacation, 5 personal days
• We also think about parents, with 16 weeks vacations for new parents
• If Vodafone, then full on – you will get a mobile phone and a great unlimited tariff, plus 24 000 benefit points per year which you can use in the cafeteria to buy vacations, educational courses or just to invite your dearest to the cinema.
• Option to use the uLékaře.cz service
• We’re located on a metro line – right at the entrance actually – our headquarters are in Stodůlky. You’ll find everything you need in the building and the vicinity for your lunch break or coffee break, and you can even shop in the nearby stores.
• And if you need to shake it off after work, you can grab one of the bikes we rent, or go to our gym located in the building.

At Vodafone, we’re passionate about creating inclusive workplaces where everyone can be themselves and achieve their best. For us, that means supportive teams and strong relationships where everyone’s contribution is valued - across social and cultural backgrounds, ethnicities, age, genders, gender identities, abilities, sexual orientation, and everything that makes us unique. We want the best people to join us and make their difference, so we will always consider requests for flexible working (such as full-time, part-time, home-working).

Band*: Management
TW Grade:11
* We provide this information in the interest of transparency regarding remuneration. It expresses classification according to internal classification and does not refer to a managerial role in the sense of managing people.