Senior Security Engineer

Job description

About Outreach

Outreach, founded in 2014, is the only complete AI Revenue Workflow Platform that helps sales leaders benefit from connected account visibility, performance insights, and higher forecasting accuracy across every GTM team. Outreach infuses agentic AI to power 100s of use cases across sales motions. From new logo prospecting to renewal and expansion, Outreach AI automates workflows and frees sellers to focus on more strategic conversations and actions. Global organizations use Outreach to power their revenue teams, including SAP, Siemens, Snowflake, ZoomInfo, and Verizon to name a few. To learn more, please visit www.outreach.io.

The Role

This role blended combining incident response, threat intelligence, and threat hunting across Outreach’s cloud and SaaS environment. Outreach is hiring and Incident Responder to conduct investigations, perform threat intelligence, and proactively hunt threats across our cloud and SasS footprint.

You will turn threat intelligence into detection and strengthen controls.

Work Requirements:

This position requires participation in an on-call rotation to provide expert support during critical security incidents.

Location

While we are remote-friendly, we remain an “office-centric” company. This role is categorized as hybrid and it is expected you live in a reasonable proximity to the office in Prague so you would be able to connect with your team on weekly regular basis, attend in-person meetings and company events.

This is a full-time, permanent role, not eligible for contractors and for work from other countries.

Your Daily Adventures Will Include

• Incident Response: Triage, scope, contain, and eradicate across cloud, SaaS, identity, and endpoint; maintain runbooks, evidence, and concise stakeholder updates
• Threat Hunting: Hypothesis/ATT&CK-driven hunts; baseline behavior; author/tune detections (e.g. Zeek, YARA, etc.); automate workflows (Python/PowerShell/SOAR)
• Threat Intelligence: Transform IOCs/TTPs into hunts & detections; track actors/campaigns, produce short intel notes, and drive requirements; curate indicators in Malware Information Sharing Platform & Threat Sharing/OpenCTI where applicable
• Partner with platform/IAM on hardening (logging/retention, least privilege, secrets/key lifecycle)
• Contribute post-incident improvements and metrics.

Our Vision Of You

• 3–6+ years in IR/CSIRT with hands-on threat intel and threat hunting experience. Deep OS knowledge: Windows, macOS, Linux internals/artifacts and endpoint telemetry
• Understanding of networks & firewalls: TCP/IP, UDP, ICMP, HTTP/S, SMTP, DNS; packet/flow analysis; firewall/WAF/proxy rule review. SaaS security: Okta/Entra ID/Google Workspace, Salesforce, Slack, GitHub (audit, auth, OAuth investigations)
• Cloud IR: AWS/Azure/GCP audit sources and identity/OAuth pivots
• Tooling: EDR (CrowdStrike/SentinelOne/Defender), SIEM (Splunk/Elastic/Chronicle)
• Detection & Automation: Zeek/YARA/SQL; Bash/Python/PowerShell
• Understanding in container and exposure to Kubernetes and Docker.
• Proven experience in HIPAA and SOC 2 Type II environments.
• Excellent English
• Interpersonal skills: clear, structured communicator for technical and executive audiences. Calm, decisive leadership under pressure; ownership and follow-through. Customer-minded; explains risk/trade-offs and shares knowledge

Preferred Qualifications

• While not mandatory, the following qualifications will significantly differentiate strong candidates and indicate a deeper specialization:

• Experience with Security Orchestration, Automation, and Response (SOAR) platforms and playbook development

• Knowledge of malware analysis (static and dynamic) and reverse engineering techniques, and familiarity with associated tools

• Familiarity with DevSecOps principles and experience securing CI/CD pipelines

• Understanding of compliance frameworks relevant to SaaS environments (e.g., SOC 2, ISO 27001/27701/42001, GDPR, HIPAA)

Why You’ll Love It Here

● Amazing working space with a running track on its roof

● Flexible time off, 5 weeks of vacation, and 5 annual sick days

● 4% employer supplemental pension monthly contribution

● Private medical care for employee and spouse with Program Health Plus

● Life insurance at 2x annual salary

● 5.000 CZK monthly allowance for meal vouchers, flexipasses and other personal expenses

● 16 weeks of annual top up maternity leave pay or 8 weeks of fully paid paternity leave

● Opportunity to be part of company success via the RSU program

● Diversity and inclusion programs that promote employee resource groups like OWN+ (Outreach Women’s Network), Adelante (Latinx community), OBX (Outreach Black Connection), Mosaic (AAPI community), Pride (LGBTQIA+), Gender+, Disability Community, and Veterans/Military

● Employee referral bonuses to encourage the addition of great new people to the team

● Fun company and team outings because we play just as hard as we work

Our success is reliant on building teams that include people from different backgrounds and experiences who can elevate assumptions and ideas with fresh perspectives. We’re dedicated to hiring the whole human, not just a resume. To that end, we look for a diverse pool of applicants-including those from historically marginalized groups. We would like to invite you to apply even if you don’t think you meet all of the requirements listed below. We don’t want a few lines in a job description to get between us and the opportunity to meet you.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.