Network Security Engineer - Cisco / Fortinet / Palo Alto / F5

I'm interested

Job Type

Permanent
Contract

Job type

Full time

Salary

90.000-140.000 CZK

Location

Hlavní město Praha
Hybrid
Remote

ID

STQ_472_JOB


O našem klientovi

Poptávka: Senior Network Engineer se zkušeností s designem a implementací enterprise sítí. HPP/IČO. Hybrid/Remote (Onboarding 1-2 dny týdně Praha, dále již možno remote)

Mezinárodní skupina s rodinnou kulturou, práce na velkých projektech (fintech, státní správa, enterprise). Silný důraz na Cisco, výhodou Fortinet / Palo Alto / F5. Plus auto.

Stabilní mezinárodní technologická skupina s více než 30 lety na trhu, přes 800 zaměstnanci a zastoupením v 7 zemích.
Realizuje projekty v oblasti:
* Výstavby datových center a cloudových řešení pro finanční a telekomunikační společnosti
* Robotizace procesů ve výrobních podnicích
* Vývoje, integrace a implementace softwarových řešení pro e-commerce, IoT, veřejný sektor i enterprise segment
* CRM systémy, zákaznické portály, podnikové aplikace, BI a reporting, Microsoft Power Apps a další platformy
* Komplexní kybernetické bezpečnosti pro vládní i komerční organizace
Firemní kultura je postavená na věcném a přímém přístupu, bez zbytečné byrokracie a korporátních manýrů. Řada zaměstnanců zde pracuje více než 10 let, díky čemuž si společnost zachovává know-how a stabilní tým. Přestože jde o mezinárodní skupinu, procesy a komunikace si stále drží charakter menší firmy s rodinnou atmosférou.

Náplň práce

Návrh, implementace a správa komplexních síťových infrastruktur pro enterprise prostředí – včetně core/distribution/access vrstev, VPN, WAN a bezdrátových sítí

Konfigurace a podpora bezpečnostních prvků – NGFW, IPS/IDS, autentizace, segmentace, Zero Trust koncepty
Nasazení a integrace řešení od klíčových vendorů: Cisco, Fortinet, Palo Alto, F5, Aruba – podle typu projektu

Spolupráce na architektuře a rozvoji sítí zákazníků (design, HLD/LLD dokumentace, PoC, validace)

Diagnostika a řešení složitějších incidentů v síťových a síťově-bezpečnostních prostředích

Technické konzultace a prezentace řešení pro zákazníky – včetně presales podpory obchodního týmu

Spolupráce s dalšími odděleními (architekti, projektoví manažeři, support, delivery)

Příležitost k přímé práci u zákazníků na klíčových projektech v oblasti komerční i státní sféry

Požadavky

Certifikace Cisco CCNP Enterprise

Znalosti v oblasti bezpečnostních konceptů, VPN, FTD/ASA, ISE (CCNP Security výhodou)

5+ let zkušeností v oblasti network engineeringu

Výhodou zkušenosti s technologiemi Fortinet, Aruba, Palo Alto, F5

Výhodou znalost SDN konceptů (SDA/SDDC/SD-WAN), cloudových prostředí (Azure/AWS)

Výhodou zkušenosti s automatizací (Python, IaaC principy)

Chuť učit se, proaktivní přístup, týmovost

Angličtina na technicky profesionální úrovni

Nabídka a podmínky

* Hybridní a flexibilní režim práce — office / remote
* Spolupráce formou HPP nebo IČO
* Stabilní zázemí silné technologické společnosti
* Flexibilní benefitní systém přizpůsobitelný dle preferencí
* Multisport karta
* Plně hrazená anonymní terapeutická podpora
* Příspěvky na penzijní spoření a zdravotní benefity
* Budget na hardware a software dle vlastního výběru — notebook Windows nebo MacBook
* Možnost získání služebního vozu i pro soukromé účely (dle seniority a rozsahu odpovědností)

Více informací

Pokud zaujalo, ozvěte se prosím. Žádné nesmyslné formality díky letité spolupráci s prověřeným a solidním klientem. Pozicí vás provede seniorní recruiter s více než 10 lety praxe v IT náboru.

Pozn.: Tato pozice je otevřena pouze pro česky / slovensky mluvící kandidáty, kteří mohou pracovat v České republice bez potřeby vízového sponzoringu a mají platné pracovní oprávnění pro EU. Kandidáti bez těchto kvalifikací nebudou do výběrového řízení zařazeni.

I'm interested

Similar jobs


Senior Detection Engineer – Splunk / Sentinel

Location

Hlavní město Praha
Remote

Job Type

Permanent

Field

Networks / Security

Salary

90.000 - 130.000

Our client is a global technology and professional services company with a Cyber Center based in Prague. The team supports enterprise clients across multiple industries and operates as a mature, production-grade security organization — not a lab environment or short-term pilot setup. The Prague office consists of approximately 270 professionals. The broader security operations unit has around 80 people, including roughly 27 engineers responsible for the technical layer — SIEM platforms, detection pipelines, and incident response tooling. English is used for client-facing communication and documentation; Czech is the day-to-day language within the local team. Why This Role Exists Now: The security operations team is expanding. Two new engineers are joining in parallel — one focused on broader platform operations (separate ad), while this role is aimed at someone with deeper expertise in detection architecture, detection engineering at scale, and advanced-level Splunk Enterprise Security or Microsoft Sentinel analytics. The team already includes senior engineers who designed parts of the current detection architecture, meaning critical knowledge and mentorship are available from day one. IBM QRadar is entering maintenance mode. If you've spent years on QRadar and know the transition is coming, this is where that transition happens — with a team already running Splunk ES and Sentinel in production, and a clear onboarding path into both.What Matters Most: This role is for someone who thinks in terms of detection logic, not just queries. Three things are essential: — Advanced detection platform expertise — Splunk Enterprise Security (risk-based alerting, notable event management, ES data models) or Microsoft Sentinel (analytics rules at scale, KQL optimization, UEBA, Fusion), with 3+ years of real production experience — Detection engineering mindset — understanding of threat models (MITRE ATT&CK), ability to map detection gaps to adversary behavior, and write detection rules that are effective without generating excessive noise — Strong understanding of data pipelines — knowledge of log source behavior, normalization principles, and the impact of broken parsing rules English should be strong enough for technical documentation and client-facing reporting. If your background is QRadar or a single-vendor environment — that's fine. SPL and KQL are tools. We care about how you think about detection, not which query language you currently know. Nice to Have: — Chronicle / Google SecOps experience — YARA-L detection rules, UDM data model — SOAR experience — Splunk SOAR (Phantom), Microsoft Sentinel playbooks, or similar tooling — Certifications such as Splunk Core Power User / Architect, Microsoft SC-200, GCIA, GCIH — Threat hunting experience — proactive analysis of historical data for indicators of compromiseRole / Mission: Your primary responsibility will be detection engineering and platform ownership — not alert monitoring. You'll design and maintain correlation rules and analytics, ensure incoming data is properly parsed and normalized, and build detection logic that identifies meaningful threats without overwhelming analysts with noise. Primary platforms include Splunk (including Splunk Enterprise Security) and Microsoft Sentinel. Chronicle / Google SecOps is present in selected client environments, so experience with it is a strong advantage. QRadar and ArcSight still exist in several legacy environments. Success after 12 months means owning at least one major detection domain. Your analytics rules have measurably reduced false positives, and you can clearly explain why specific rules are tuned the way they are. Key Responsibilities: — Design, build, and maintain detection analytics in Splunk ES (correlation searches, risk-based alerting) and/or Microsoft Sentinel (analytics rules at scale, KQL, Fusion detections) — Manage data ingestion pipelines — onboarding log sources, parsing, normalization, field extractions — Conduct threat-informed detection reviews: map coverage against MITRE ATT&CK, identify gaps, prioritize improvements — Support incident response escalations through platform-level investigations — advanced queries, timeline reconstruction — Contribute to SOAR playbook development and automation logic — Participate in on-call rotation and lead post-incident reviews related to platform-level issues What This Role Is NOT: — Not a Tier 1 analyst role — you'll work upstream from triage, designing the logic that enables effective detection and response — Not a pure administration role without detection ownership — the expectation is to build and improve, not only configure — Not an isolated research position — your work directly impacts live enterprise environments, so quality matters from day one Operating Model: Standard working hours, no shift work. On-call rotation is shared across the engineering team. Hybrid setup in Prague or fully remote is also possible. Reports to: Head of Security Engineering Language: English for client-facing communication and technical documentation; Czech for internal team collaboration Travel requirements: minimalInterested? Let's Talk If this sounds like the kind of challenge you're looking for, apply now. Throughout the process, you'll work with a senior recruiter who has hands-on IT experience. Straightforward communication, technically grounded discussions, and no unnecessary recruitment overhead. Send your CV or LinkedIn profile to or connect via linkedin.com/in/jirisoljak Interview Process: — Intro call with a SITEQ recruiter — 30 minutes covering the role and client context — First interview with the team lead — team structure, responsibilities, day-to-day collaboration — Technical interview with a senior engineer from the security operations team — detection logic, platform depth, real-world scenarios (no trick questions) — Offer Please note: this position is open only to candidates who are eligible to work in the EU without visa sponsorship and are able to reside and work in the Czech Republic.

IAM / Identity Security Analyst

Location

Hlavní město Praha
Hybrid

Job Type

Permanent
Contract

Field

Networks / Security

Salary

75.000 - 110.000 CZK

International technology group with 30+ years in the market, 800+ professionals, and offices across Central and Eastern Europe. They deliver projects in IT infrastructure, data centres, cloud solutions, and cybersecurity. The company is growing — clients are expanding their demand, new projects are coming in, and there's space for new competencies. The Cyber Security / IAM division currently works heavily with the IdStory platform, but the environment includes other IAM/IDM solutions too. They need someone who can handle the full cycle from analysis to implementation. Why This Role Exists Now: Client demand for identity security is growing. The IAM division is expanding its project portfolio and needs someone who can own the full delivery cycle — from analysis through architecture to go-live. There's space for new competencies and platforms beyond IdStory. The right person can shape what the IAM practice looks like going forward.What Matters Most: — IAM/IDM experience — minimum 3–5 years in IT security / IAM. Real implementation experience, not just operations — IAM platforms — IdStory, SailPoint, One Identity, Entra ID, Okta, or similar. Knowing one superficially isn't enough — Client-facing communication — analysis, consultations, presenting solutions. This is non-negotiable — Integration and APIs — REST, SOAP, GraphQL. You know how to connect systems Fluent Czech or Slovak required. English at a level where you can handle a normal working discussion. Nice to Have: — SQL and databases — you work with data, not just look at GUIs — Scripting (Groovy, PowerShell, Python) — Basic Linux knowledge — Identity governance concepts and identity lifecycle management — Experience with HR systems and their integration with IAM These are nice to have — not hard filters.Role / Mission: You own the full cycle — from the first client workshop through architecture to go-live. You walk into a client's environment, map what's actually there, ask the right questions, pull the data together into a document, and design a new architecture. Then you implement it. You're an analyst and implementer in one — not someone who waits for a spec. After 12 months, this is what good looks like: completed projects, clients who trust you, and working identity integrations in real environments. Key Responsibilities: — You analyse customer requirements and design IAM/IDM architecture — You implement and integrate identity solutions into client environments — You handle incidents and operational support within SLA — not as the core of your work, but as part of it — You create technical documentation — actually useful materials, not formal paperwork — You provide technical consultations to clients — You contribute to presales — solution proposals, presentations, technical input for bids — You work with sales, presales, support, and delivery teams What This Role Is NOT: — Not AD administration — you won't be resetting passwords and creating accounts — Not a pure operations role — SLA tickets are part of the job, but not the core — Not an isolated position — client and team communication is key Operating Model: Prague-based, remote-friendly. More time in the office during onboarding. After that, remote is possible — but you're expected at the office or client sites as needed. Most of the business is in and around Prague, so a reasonable commute matters. No 24/7 on-call. Permanent contract preferred, freelance possible. Czech or Slovak proficiency required. Direct report: Head of Network & Security division.More Information: Interested? Apply or get in touch: | linkedin.com/in/jirisoljak No CV needed — a LinkedIn profile and a few sentences about yourself is enough. You'll speak directly with a senior IT recruiter with hands-on IT background — 450+ hires. A relevant conversation without the HR fluff. Process: — Short intro call (15–30 min) — Maximum 2 rounds — if there's a fit, a decision can come after the first one — In-person meeting before the final decision — You'll know where you stand at every step EU work authorization required. No visa sponsorship.

IT jobs