About the Client
Client is one of the key providers of complex meteorological systems deployed at weather services, airports, military bases and private companies. Our company currently has 99 customers and users in around 80 countries all around the globe on all the continents including Antarctica.
About the Role
We are looking for an experienced IT Security Specialist.
Responsibilities
- Performance of activities ensuring cybersecurity of systems
- Continuously monitors and detects threats in order to identify and stop cyber attacks
- Configures, monitors, and analyzes incidents and logs from various security devices, servers, and endpoints
- Responsible for security analytics, development and optimization of detection mechanisms, and reporting
- Collaborates on penetration testing and remediation of identified vulnerabilities
- Implements, expands, and develops cybersecurity systems and processes, including increasing their level of automation
- Participates in the implementation of technical and organizational security measures
- Assesses the security of applications, software, and cloud services for both IT and business
- Cooperates in data protection, control testing, and prevention of information leakage (DLP)
- Manages and coordinates security measures in accordance with NIS2 and CRA
- Cooperates with IT in implementing technical and organizational measures
- Supports project teams in carrying out relevant cybersecurity activities during project or service management processes
- University degree in IT, cybersecurity, or a related field
Requirements
- University degree in IT, cybersecurity, or a related field
- Minimum 5 years of experience in the operation, maintenance, or administration of information technologies
- Knowledge of cybersecurity legislation, including Act No. 69/2018 Coll., NBÚ regulations, NIS2, CRA, and ISO 27000 standards
- Ability to manage security projects and incidents
- Independence and decision-making ability, with the capacity to learn quickly and transfer knowledge to stakeholders
- Ability to communicate clearly, understandably, and professionally with a wide range of internal and external partners (e.g., employees, authorities, suppliers, customers)
- English language proficiency – fluent
Nice to Have Skills
- Principles of enterprise architecture, security architecture concepts, and enterprise architecture reference models (e.g., TOGAF, Zachman, FEA, etc.)
- Principles, tools, and techniques of penetration testing
- Practical experience with security technologies, especially:
EDR / XDR (Microsoft Defender)
Firewalls (OPNsense)
VPN technologies (IPsec, SSL VPN, OpenVPN)
SIEM / log management (Microsoft Sentinel, Wazuh, ELK, etc.)
Identity & Access Management (IAM)
Nessus (Tenable Vulnerability Management)
Basics of network security (routing, segmentation, WAF, etc.)
- Knowledge of M365 / Azure environments
- Certifications such as CISSP, CISM, or CEH are considered a plus
- Practical experience with SSDLX methodologies – training, code analysis
- Practical experience with hybrid IT infrastructure (Linux, Windows, macOS, servers, cloud)
- Certifications such as CISSP, CISM, CISA, ISO 27001/27017 Lead Auditor, Implementer, or similar
- Knowledge of MITRE ATT&CK and OWASP frameworks is an advantage