SIEM Specialist

Whirr Crew is looking for a Prague-based SIEM Specialist to support our client, a leading financial services company, in strengthening its security monitoring and incident response capabilities. This role focuses on high-level SIEM strategy, stakeholder communication, and process improvement rather than hands-on implementation.

Details:

    •    Location: Czech Republic 

    •    Schedule: Full-time, hybrid (2-3 times per week onsite in Prague)

    •    Languages: Czech and English

    •    Start: ASAP

    •    Domain: Financial Services

Responsibilities:

    •    Act as a primary liaison between security, IT, and business teams to define SIEM requirements and ensure alignment with business and regulatory needs.

    •    Conduct a high-level assessment of the current SIEM setup, identifying gaps and areas for improvement.

    •    Develop strategic recommendations for optimizing SIEM processes, event correlation, and log management.

    •    Work closely with SOC teams, IT administrators, and compliance officers to improve threat detection and response.

    •    Ensure SIEM solutions are effectively integrated into the broader security monitoring framework.

    •    Oversee SIEM policies and procedures, ensuring they align with industry best practices and frameworks (e.g., NIST, ISO 27001, DORA).

    •    Provide advisory support on log retention strategies, event correlation rules, and incident handling processes.

    •    Support internal audits, risk assessments, and regulatory compliance efforts related to SIEM and security monitoring.

    •    Act as a trusted advisor to senior stakeholders, helping them understand security risks and SIEM’s role in mitigating them.

Desired Candidate Profile:

Must-have:

    •    Strong experience with SIEM solutions (e.g., Splunk, QRadar, Sentinel, ArcSight) in a high-level advisory or consulting capacity.

    •    Ability to analyze SIEM effectiveness and provide strategic recommendations rather than hands-on implementation.

    •    Experience working in financial services or other regulated industries.

    •    Strong knowledge of security frameworks and regulations (DORA, ISO 27001, NIST, etc.).

    •    Excellent communication and stakeholder management skills, with the ability to translate technical concepts for non-technical audiences.

Nice to have:

    •    Previous experience working with SOC teams and security incident management.

    •    Understanding of cloud security monitoring and SIEM integration in hybrid environments.