
Security Operations Engineer (She/ He/ They)

Capco
Poland · 1d ago

About the role

<p><span style="font-family: arial, helvetica, sans-serif;"><strong>CAPCO POLAND&nbsp;</strong></span></p> <p><span style="font-family: arial, helvetica, sans-serif;"><strong>*We are looking for a Poland-based candidate.&nbsp;</strong></span></p> <p><span style="font-family: arial, helvetica, sans-serif;">Capco is a fully independent, global management and technology consultancy. For 25 years we have combined innovative thinking with deep industry knowledge to deliver business consulting, digital transformation and technology services to Finance and Energy markets. Our collaborative and efficient approach helps clients reduce costs and manage risk and regulatory change while increasing revenues. We are thinkers, innovators, and disruptors. We are small enough to care but large enough to matter.</span></p> <p><br><span style="font-family: arial, helvetica, sans-serif;"></span></p> <div><span style="font-family: arial, helvetica, sans-serif;">We are seeking a highly skilled <strong>Security Operations Engineer</strong> to support the expansion of a strategic security program focused on onboarding critical applications into enhanced monitoring capabilities. In this role, you will play a key part in building and optimizing SIEM detection capabilities, supporting threat verification, and enabling regulatory alignment with <strong>DORA (Digital Operational Resilience Act)</strong> requirements by the end of 2026. 
You will work at the intersection of <strong>SIEM engineering, threat modelling, and security operations</strong>, contributing directly to improving detection accuracy and strengthening overall security posture.</span></div> <p>&nbsp;</p> <p><span style="font-family: arial, helvetica, sans-serif;"><strong>Key Responsibilities:</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"></span> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Detection Engineering:</strong> Design, build, and optimize SIEM detection rules (with a focus on Microsoft Sentinel)</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Testing &amp; Automation:</strong> Develop and execute test cases for detection logic; automate validation processes using scripting</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Application Onboarding:</strong> Support onboarding of critical applications into the security monitoring ecosystem</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Requirements Gathering:</strong> Collaborate with application teams to define logging requirements and detection use cases</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Workshop Facilitation:</strong> Lead and moderate workshops with stakeholders to align on threat scenarios and security capabilities</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Technical Documentation:</strong> Produce clear and comprehensive documentation covering detection logic, 
threat models, and validation results</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Collaboration:</strong> Work closely with SOC, engineering, and red teams to enhance alert fidelity and incident response effectiveness</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;"><strong>Compliance Delivery:</strong> Contribute to threat verification and ensure deliverables meet ALaM program and DORA milestones</span></div> </li> </ul> <p><span style="font-family: arial, helvetica, sans-serif;"><strong>Required Skills and Experience:</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"></span> <div> <ul> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>SIEM Expertise:</strong> Hands-on experience with SIEM platforms (strong preference for Microsoft Sentinel)</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Detection Engineering:</strong> Proven track record in creating, tuning, and testing detection rules</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Scripting &amp; Automation:</strong> Proficiency in Python, PowerShell, Bash, or similar for automation use cases</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Communication:</strong> Strong English communication skills with the ability to confidently lead stakeholder workshops</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Technical Knowledge:</strong> 
Understanding of cloud (Azure, AWS), operating systems (Windows, Linux), and database environments (SQL, Oracle)</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Autonomy:</strong> Ability to work independently in a dynamic, high-volume onboarding environment</span></li> </ul> <hr> <h3><span style="font-family: arial, helvetica, sans-serif;"><strong>Technology Stack</strong></span></h3> <ul> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>SIEM &amp; Security:</strong> Microsoft Sentinel</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Cloud &amp; Infrastructure:</strong> Azure, AWS, Windows, Linux, SQL, Oracle</span></li> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"><strong>Scripting &amp; Automation:</strong> KQL, Python, PowerShell, Bash</span></li> </ul> </div> </li> </ul> <p><span style="font-family: arial, helvetica, sans-serif;"><strong>Nice to have:</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif;"><span style="font-family: arial, helvetica, sans-serif;"></span> <div><span style="font-family: arial, helvetica, sans-serif;">Experience in <strong>threat modelling</strong> and defining threat profiles</span></div> </li> <li style="font-family: arial, helvetica, sans-serif;"> <div><span style="font-family: arial, helvetica, sans-serif;">Familiarity with&nbsp;<strong>DORA</strong> or other regulatory frameworks in financial services</span></div> </li> </ul> <p>&nbsp;</p> <p><span style="font-family: arial, helvetica, sans-serif;">We have been informed of several recruitment scams targeting the public. We strongly advise you to verify identities before engaging in recruitment related communication. 
All official Capco communication will be conducted via a Capco recruiter.</span></p> <p><span style="font-family: arial, helvetica, sans-serif;"><strong>We offer a flexible collaboration model based on a B2B contract, with the opportunity to work on diverse projects.</strong></span></p> <p><span style="color: rgb(26, 26, 26); font-family: arial, helvetica, sans-serif;">#LI-REMOTE</span></p>
