Threat Detection and Response Specialist
Confirmed live in the last 24 hours
PwC
Job Description
Job Description & Summary
About the Team
For us, SOC is not just a ticket or detections „washing machine “. We perceive incident response as a mandatory part of our services, along with other proactive activities such as: Threat Hunting, Threat Intelligence, Vulnerability Management, as well as post-incident activities like Forensic Analysis and more.
Threat Management team consists of cybersecurity professionals focused on prevention of the cyberattacks via detection and responding to cyber threats. The key pillars consist of incident response, threat hunting, threat intelligence, security monitoring, vulnerability management, engineering and consulting services.
About your Manager
Lubomír has over 10 years of cyber security experience with different projects related to mainly cyber security managed services, building and operating Security Operation Centers (SOC), Threat Hunting & Intelligence and Vulnerability Management. Lubomír is also responsible for team leading, project management, designing of cyber security managed services, creation and development of training plans and is a proven coach to train other team members or client staff. Outside of work, he is involved in teaching, science, and research at the University of Hradec Králové, where he guarantees and teaches the course Surveillance Systems and Forensic Analysis.
Job Description & Summary
We are building a new, compact delivery team (2-3 FTE) focused on Threat Detection & Response (TDR), which will be the backbone of our professional services offering. This team does not operate purely as a specialized "tool team" nor solely as an advisory team without technical depth.
We are looking for individuals who want to combine hands-on technical work with a consulting overlay—a skill set that includes structuring problems, designing solutions, communicating them effectively to clients, and seeing projects through to completion. If you are looking for a role where you spend 80% of your time on slides and only 20% on technology, this position is not for you. if you also prefer to work exclusively in a SOC and have no interest in client context, this role is also not suitable.
As a Senior Associate in our TDR team, you will be a key member of our delivery team, combining technical depth with a consulting approach. You will work directly on client projects, handling everything from technical analysis and implementation, to preparing deliverables and presenting findings to the client. You are not just a "tool operator" – you are a "security thinker" who understands not only technology but also its impact on our clients' business.
Technical Delivery (~50% of Time)
Engage in hands-on work with SIEM (primarily Splunk, secondarily Microsoft Sentinel) including configuration, optimization, and troubleshooting.
Develop and refine detection rules/use cases based on threat landscapes and client requirements.
Conduct threat hunting activities by proactively searching for threats within client environments.
Support incident response processes, including analyzing incidents and recommending remediation actions.
Work with log management architectures, data sources, and log onboarding.
Assess the maturity of clients' detection and response capabilities.
Client Communication (~30% of Time)
Independently lead technical workshops and working sessions with client security teams.
Present technical findings and recommendations with the ability to translate technical jargon into understandable conclusions.
Participate in status meetings, discussing scope, priorities, and next steps.
Build and maintain working relationships with client security teams.
Documentation and Business Development (~20% of Time)
Prepare high-quality deliverables: assessment reports, solution proposals, recommendations, and roadmaps.
Compile executive summaries and outline business impacts of technical findings.
Assist in proposal preparation—providing technical input, labor estimation, and scope definition.
Contribute to the internal knowledge base and aid in the development of service offerings.
What This Role Is NOT:
⚠️ To avoid misunderstandings:
This is NOT a purely technical role where you'll spend all day in the console. Client communication and documentation are expected.
This is NOT a purely consulting role where you are only working on slides. We expect hands-on technical work.
This is NOT a SOC analyst role with rotational shifts. We work on projects, not in monitoring.
This is NOT a "tool specialist" role focused on a single product. We require breadth and adaptability.
This is NOT a role where you'll wait a year for something to happen. You'll be involved in projects starting from the first month.
Requirements of the Role
3–6 years of experience in the field of cybersecurity (consulting experience not mandatory).
Practical hands-on experience in at least one of the following areas: SIEM (preferably Splunk), Threat Hunting, Incident Response, Detection Engineering.
Ability to independently analyze data, draw conclusions, and prepare technical outputs.
Capable of presenting work results to clients (you don’t need to be a showman, but clear communication is essential).
Proficient in English at a working level (B2+); Czech is an advantage.
Structured thinking with the ability to break down problems into parts and design a plan of action.
Willingness to work in a hybrid model: combining technical work, client interaction, and documentation
Nice to have
Experience with Microsoft Sentinel and cloud security (Azure/AWS).
Familiarity with SOAR platforms or automation of security processes.
Certifications such as GIAC (GCIH, GCIA, GCDA), CompTIA CySA+, Splunk certifications, SC-200.
Previous experience in a consulting or professional services environment.
Knowledge of the MITRE ATT&CK framework and its practical application.
How this role will advance your career
Deep understanding of the Threat Detection & Response (TDR) domain from both technical and business perspectives.
Development of consulting skills such as problem structuring, stakeholder management, and presentation skills.
Direct experience with diverse client environments and security challenges.
A clear path to a Manager role within 2–3 years, contingent on demonstrated competencies.
Opportunity to co-develop new service offerings and contribute to the growth of the practice
Our Benefits and Fun
Concentrated experience and rapid career growth. It may sound like a platitude, but it really is.
Flexible working hours.
Fair salary plus paid overtime and annual bonus.
Paid time off 20 + 5 days, 3 wellbeing days and 2 extra days off from the company at the end of the year.
High-end Ultrabook and iPhone with unlimited data.
Benefit program with 45.000 points that you can use for holidays, education, food vouchers, sports, health... Simply on what you enjoy.
Support for your education and development: business and digital skills training (e.g. Alteryx, Power BI, Tableau), ongoing training and certification, for example in Microsoft (Azure, PowerApps), project management (Prince2, PMI), service management (ITIL), agile development (Scrum, SAFe), DAMA, Salesforce, coaching and presentation skills and more. We pay for technical certifications and the time you spend studying them.
Opportunity to work in the future at a foreign PwC office, for example in the USA, Canada and there are others in the selection.
Extra-work activities and Away Days (team building, etc.).
Regular feedback on your work, also consultation with a coach with whom you can address your further development and career direction.
Check us out on: Cyber & Privacy | Czech Republic
PwC is the largest audit team in the Czech Republic, but also law, tax, consulting and technology, data or forensic teams. Find out how easy it is to combine this knowledge when you're in the right place. With us, you will get the opportunity to see how business is done in large companies. We are part of an international network of companies with more than 364,000 colleagues in 151 countries. At PwC, we create an inclusive work environment where everyone can be themselves and find their place and opportunity to develop. This year, we have successfully maintained the prestigious Equal Pay Certification, making us one of only four companies in the Czech Republic (and the only one from the Big 4) that demonstrably implements fair compensation practices regardless of gender.
Ochrana osobních údajů pro žadatele o zaměstnání / Privacy Statement for Recruitment Applicants
#LI-EK1
