Not just moving alerts or incidents around. Real incidents. Real responsibility. Real impact.

NN’s Cyber Defense Core team protects millions of customers worldwide. We’re now looking for a Security L2 Analyst who wants to sit on the sharp end of cyber defense - investigating real threats, improving detections, and shaping how our CDC operates. If you already know what it means to own an incident, hunt for root cause and help others get better along the way - you’ll feel at home here.

What you’ll actually do (day to day) – no buzzwords, just the real job:

- Investigate and respond to advanced security incidents across a global environment, with end-to-end ownership from alert to resolution
- Fine tune and operate security tools such as SIEM, EDR, NDR, and IDS/IPS
- Work across cloud environments (AWS and Azure)
- Suggest and implement improvements in detection logic, playbooks, and CDC processes
- Contribute to threat hunting, purple teaming exercises, and other security projects around CDC
- Mentor junior analysts and help raise the overall CDC maturity

You will operate with autonomy and trust, with room to influence and shape how things are done, not just follow runbooks.

Please note: As our services run 24/7, our systems must be continuously monitored. This position includes shift work, including night and weekend shifts. However, since our team is large and we are reasonable about scheduling, the shift schedule is very manageable and fair.

Why you’ll like working here

- Real Cybersecurity: Work on meaningful incidents, not just alert noise.
- Learn & Grow: We support your certifications, training, and continuous development.
- Hybrid & Flexible: Enjoy a strong home office culture, flexible time off, and a hybrid setup - most of the time you can work from home, with the team meeting in the office once a week.
- People-First Culture: Down-to-earth, open team with no unnecessary formalities (no ego, no blame, just real support).
- Modern Tools: Get a company laptop and iPhone with a fully paid plan.
- Great Benefits: Cafeteria up to 20,000 CZK, pension contributions, MultiSport card, meal allowance, discount on life insurance, contribution to HO expenses.
- Referral Bonus: Get up to 60,000 CZK for referring new colleagues.
- Personalized Onboarding: During your probation, we’ll help you settle in with more in-person support.

What we’re looking for

We don’t expect a unicorn, but we’re looking for a strong blue team professional:

- 2-4 years of experience in SOC / Blue Team / Incident Response
- Hands-on incident handling experience (not just copy-paste + send via ticketing system to the customer)
- Ability to think analytically, assign incident - form hypothesis - validate it - take response actions - escalate - document everything on the go.

If you possess these, it’s a big plus:

- Solid understanding of: Networking (OSI/TCP/IP), Windows / Linux internals, Active Directory security
- Practical experience with MITRE ATT&CK / Kill Chain
- Daily work with tools such as: Splunk, Microsoft Sentinel, Defender, CrowdStrike, Darktrace, Suricata (or similar)
- Scripting basics (Python / PowerShell / Bash)

Uni degree or certifications are welcomed; not mandatory. Practical experience matters the most.

From Application to Offer: Our Process

After you apply, we’ll review your CV to see if your experience fits the role. If there’s a match, we will reach out to arrange a short technical pre-screen with a couple of our senior colleagues. If things go well, you’ll be invited to a longer interview with the team manager and Veronika (HR), where you’ll discuss technical topics in more depth. If everything clicks, there’s a final short chat with our CDC manager. If that goes well too, you’re in and we’ll be excited to welcome you to the team!