Pangea Digital is seeking a security generalist, with a strong blue team focus, who is curious, autonomous, and autodidactic—someone driven to continuously expand their knowledge and skills. The ideal candidate knows how to navigate the complex landscape of competing priorities with sound judgment and a focus on delivering meaningful security value. We need someone who doesn't just identify problems but also implements effective solutions.
Responsibilities:
- Lead the enhancement and troubleshooting of existing security monitoring and defense systems, ensuring their optimization and successful completion of all improvements
- Collaborate with cross-functional teams to ensure cohesive security strategies and effective incident response
- Develop and deploy tools to automate, enrich, and integrate data from multiple sources into the security stack
- Design and implement automated workflows using serverless architectures, orchestration services, and automation tools to streamline security operations and enhance response times
- Architect and implement deception technologies, including canary tokens and honeypots, to detect and respond to potential threats proactively
- Strengthen and maintain the security of cloud-based and cloud-native resources
- Lead the resolution of security incidents across all facets of Pangea
- Manage log sources and connectors, and develop and maintain comprehensive logging standards
- Develop, implement, and manage SIEM detection rules, alerts, and incident queues to ensure effective responses
- Develop innovative detection capabilities to identify threats across diverse environments
- Develop and maintain custom SOAR playbooks to automate incident response processes
- Continuously assess detection capabilities, identify areas for improvement, and refine detection and response strategies
- Engage with the U.S. Agency for Global Media (USAGM) to ensure compliance with FISMA Moderate controls, specifically focusing on Incident Response (IR) and Audit (AU) controls
Education:
- Information technology, (BA – bachelor’s degree), mandatory
- Combination of education and experience
Work Experience:
- Relevant industry experience with a responsibility for security analysis, design, architecture, and development. 4-6 years (Mandatory)
- Team management experience 2-3 years (Desirable)
- Previous experience working in a multicultural or a multinational environment; or experience living and working abroad, preferably in relevant RFE/RL target regions, desirable.
Technical Competences:
- Experience crafting detection rules tailored to TTPs
- Proficiency in conducting threat hunts across large datasets, leveraging tools like Jupyter Notebooks, Yara rules, Sigma rules, and KQL
- Strong understanding of key cybersecurity frameworks, including MITRE ATT&CK®, NIST, and the Cyber Kill Chain
- Practical, hands-on experience with CNAPP, CWPP, and CSPM tools for securing cloud-native environments
- Experience securing Kubernetes-based platforms and cloud-native environments, focusing on deployment, monitoring, and protecting containerized applications at scale
- Experience with log standard definitions, event logging, and audit record analysis, integrating these for comprehensive monitoring and threat detection
- Proven experience in managing incidents, automating incident response, and producing effective incident reports
- Coding experience (Python, Ruby, Go, or similar) for automation and security investigations
Key Qualities:
- Rigorous, manifests integrity, inspires confidence
- Uses threat models instead of assumptions
- Brings well-researched, clear information to guide decision-making
- Understands how individual security issues are leveraged in an attack
- Dissects and resolves complex security challenges with a structured approach
- Coordinates effectively when working with incomplete information.
Culture and Collaboration Values:
- Fosters a blameless culture where mistakes are learning opportunities
- Practices inclusivity by guiding and supporting colleagues
- Paves the safe way for others by building guardrails rather than gates
- Breaks down barriers by sharing the technical practices
- Demystifies security concepts, and simplifies the complex for others
- Makes an effort to learn others' workflows before providing input
Languages:
- English language (proficient), mandatory.
- Broadcast region language (working knowledge), desirable.
Should you be interested in this position please apply by submitting your CV and a cover letter in English.
Appointment against this post is on a local basis only. Please note that for the locally advertised positions preference will be given to those with a work permit and/or a valid residence status in the Czech Republic. Locally recruited employees should reside within commuting distance of Prague, Czech Republic, or be willing to move to take up work. They are not eligible for allowances applicable to candidates who are internationally recruited. Rather, they receive statutory benefits as per Czech labor law. Salary scales for locally recruited employees are based on the best prevailing local conditions. RFE/RL does, however, cover the costs of interview travel and, upon appointment, some relocation costs.
Note: In response to changing operational requirements, RFE/RL retains the discretion not to make an appointment, or to modify the job specifications for a particular vacancy.
By replying to this advertisement or sending your CV and/or other personal data to RadioFreeEurope/RadioLiberty, you are agreeing to having your data saved and managed by employees of the HR department of the company for possible future reference in full accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) GDPR and Act No 110/2019 Coll., on personal data processing. This agreement may only be withdrawn by a written revocation and remains valid until that date. However no longer than 5 years.
Odpovědí na tento inzerát či zasláním Vašeho životopisu a případných dalších osobních materiálů do společnosti RadioFreeEurope/RadioLiberty dáváte souhlas ke zpracování a uchování Vašich osobních údajů dle Nařízení Evropského parlamentu a Rady (EU) 2016/679 ze dne 27. dubna 2016 o ochraně fyzických osob v souvislosti se zpracováním osobních údajů a o volném pohybu těchto údajů a o zrušení směrnice 95/46/ES (obecné nařízení o ochraně osobních údajů), dále jen GDPR a zákona č. 110/2019 Sb., o zpracování osobních údajů. Tento souhlas platí až do jeho odvolání písemnou formou, maximálně však po dobu 5 let.
Privacy Notice for RFE/RL Job Applicants
RFE/RL, Inc. is a private, nonprofit corporation funded by a grant from the U.S. Congress through the U.S. Agency for Global Media (USAGM). Due to RFE/RL’s special character, the countries in which RFE/RL operates, and the type of work RFE/RL performs, it is RFE/RL's obligation to verify the accuracy of information provided by each applicant in order to ensure the safety and security of our employees and workplace. RFE/RL must ensure that everybody who advances to the final stage of the selection process for a position at RFE/RL and who wishes to enter into an employment relationship with RFE/RL must undergo pre-employment background check.
With respect to the above, RFE/RL informs you, as an applicant, that your employment at RFE/RL is contingent on the successful completion of pre-employment check.
Therefore after your acceptance of RFE/RL‘s offer letter, you will be subject of pre-employment check (performed by external Czech entity). Detailed information about collection and processing of your personal data in this matter will be provided to you together with the offer letter.
Privacy Notice for RFE/RL Internship or Fellowship Applicants
The process described above largely applies to applicants for internships and fellowships as well – simply replace the word “employment” with “internship” or “fellowship” as applicable.