Security Engineer II (Defence) at Outreach | Torre

Security Engineer II (Defence)

You'll safeguard critical cloud & SaaS environments with AI-driven threat hunting.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
Prague, Czechia
Posted 5 months ago

Requirements and responsibilities


About Outreach

Outreach, founded in 2014, is the only complete AI Revenue Workflow Platform that helps sales leaders benefit from connected account visibility, performance insights, and higher forecasting accuracy across every GTM team. Outreach infuses agentic AI to power 100s of use cases across sales motions. From new logo prospecting to renewal and expansion, Outreach AI automates workflows and frees sellers to focus on more strategic conversations and actions. Global organizations use Outreach to power their revenue teams, including SAP, Siemens, Snowflake, ZoomInfo, and Verizon to name a few. To learn more, please visit www.outreach.io.

The Role

This role blends incident response, threat intelligence, and threat hunting across Outreach’s cloud and SaaS environment. Outreach is hiring an Incident Responder to conduct investigations, perform threat intelligence, and proactively hunt threats across our cloud and SaaS footprint. You will turn threat intelligence into detection and strengthen controls.

Work Requirements: This position requires participation in an on-call rotation to provide expert support during critical security incidents.

Location

While we are remote-friendly, we remain an office-centric company. This role is categorized as hybrid, and it is expected that you live in reasonable proximity to the office in Prague so that you are able to connect with your team on a regular weekly basis and attend in-person meetings and company events.

Employment

This is a full-time, permanent role, not eligible for contractors and for work from other countries.

Your Daily Adventures Will Include

- Incident Response: Triage, scope, contain, and eradicate across cloud, SaaS, identity, and endpoint; maintain runbooks, evidence, and concise stakeholder updates
- Threat Hunting: Hypothesis/ATT&CK-driven hunts; baseline behavior; author/tune detections (e.g. Zeek, YARA, etc.); automate workflows (Python/PowerShell/SOAR)
- Threat Intelligence: Transform IOCs/TTPs into hunts & detections; track actors/campaigns, produce short intel notes, and drive requirements; curate indicators in Malware Information Sharing Platform & Threat Sharing/OpenCTI where applicable
- Partner with platform/IAM on hardening (logging/retention, least privilege, secrets/key lifecycle)
- Contribute post-incident improvements and metrics.

Our Vision Of You

- 3–6+ years in IR/CSIRT with hands-on threat intel and threat hunting experience.
- Deep OS knowledge: Windows, macOS, Linux internals/artifacts and endpoint telemetry
- Understanding of networks & firewalls: TCP/IP, UDP, ICMP, HTTP/S, SMTP, DNS; packet/flow analysis; firewall/WAF/proxy rule review.
- SaaS security: Okta/Entra ID/Google Workspace, Salesforce, Slack, GitHub (audit, auth, OAuth investigations)
- Cloud IR: AWS/Azure/GCP audit sources and identity/OAuth pivots
- Tooling: EDR (CrowdStrike/SentinelOne/Defender), SIEM (Splunk/Elastic/Chronicle)
- Detection & Automation: Zeek/YARA/SQL; Bash/Python/PowerShell
- Understanding of containers and exposure to Kubernetes and Docker.
- Proven experience in HIPAA and SOC 2 Type II environments.
- Excellent English
- Interpersonal skills: clear, structured communicator for technical and executive audiences.
- Calm, decisive leadership under pressure; ownership and follow-through.
- Customer-minded; explains risk/trade-offs and shares knowledge
- You embody our core values: we are trusted advisors, we win as one team and we take ownership

Preferred Qualifications

While not mandatory, the following qualifications will significantly differentiate strong candidates and indicate a deeper specialization:

- Experience with Security Orchestration, Automation, and Response (SOAR) platforms and playbook development
- Knowledge of malware analysis (static and dynamic) and reverse engineering techniques, and familiarity with associated tools
- Familiarity with DevSecOps principles and experience securing CI/CD pipelines
- Understanding of compliance frameworks relevant to SaaS environments (e.g., SOC 2, ISO 27001/27701/42001, GDPR, HIPAA)

Why You’ll Love It Here

- Amazing working space with a running track on its roof
- Flexible time off, 5 weeks of vacation, and 5 annual sick days
- 4% employer supplemental pension monthly contribution
- Private medical care for employee and spouse with Program Health Plus
- Life insurance at 2x annual salary
- 5.000 CZK monthly allowance for meal vouchers, flexipasses and other personal expenses
- 16 weeks of annual top up maternity leave pay or 8 weeks of fully paid paternity leave
- Opportunity to be part of company success via the RSU program
- Diversity and inclusion programs that promote employee resource groups like OWN+ (Outreach Women's Network), Adelante (Latinx community), OBX (Outreach Black Connection), Mosaic (AAPI community), Pride (LGBTQIA+), Gender+, Disability Community, and Veterans/Military
- Employee referral bonuses to encourage the addition of great new people to the team
- Fun company and team outings because we play just as hard as we work

Our success is reliant on building teams that include people from different backgrounds and experiences who can elevate assumptions and ideas with fresh perspectives. We're dedicated to hiring the whole human, not just a resume. To that end, we look for a diverse pool of applicants, including those from historically marginalized groups. We would like to invite you to apply even if you don't think you meet all of the requirements listed below. We don't want a few lines in a job description to get between us and the opportunity to meet you.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.