Senior Cyber Defense Incident Responder
Hays
- Warszawa, mazowieckie
- Permanent
- Full-time
- In this role, as an incident commander, you will be a decision maker during a major incident.
- The role will have a focus on aspects of investigations.
- Evaluate and ensure the resolution of technically sophisticated security issues, internal control issues, critical incidents and/or crisis resolution management
- Managing security incidents related to internal applications and infrastructure
- Delegating tasks within the CSOC and collecting pertinent information from various data sources to support an investigation
- Partnering with internal teams such as Digital Command Center, DBRT, Privacy and legal as part of the greater Incident response process
- Maintain knowledge of applicable Security Operations policies, regulations, and compliance documents, specifically those related to security
- Establish and maintain relationships with suppliers, vendors, partners, and federal agencies, as well as with the wider information security industry
- Provide actionable intelligence through written and verbal products to a diverse audience, including business partners, senior leaders, and security analysts
- A minimum of 6 years of Information Security / IT Risk Management / IT experience with growing technical responsibilities
- Solid technical understanding of applications is required (e.g. SAP, Salesforce, etc.)
- Good understanding of malware families, types, and ability to analyse event data generated by anomalies.
- A solid grasp of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity is required
- Good interpersonal, verbal, and written communication skills are required
- Fluent English (B2+)
- Experience working with virtual, global teams, including diverse groups of people with wide-ranging backgrounds and cultural experience, is preferred
- An ability to obtain and maintain a security clearance is required
- Experience with structured analysis techniques (Diamond Model, Cyber Kill Chain) as well as a demonstrable understanding of the MITRE ATT&CK framework is preferred
- Experience with common operating systems, services, networking protocols, logging, attacker techniques and tools is preferred
- Security certifications such as CISSP, SANS GIAC CTI, GCFA, GNFA are preferred
- At least 2 years of security operations experience is preferred
- High-level understanding of cloud technologies/services (Virtual Private/Hybrid Cloud, SaaS, IaaS, PaaS, DBaaS) and the appropriate logging, controls and processes to secure them is preferred
- Contract of employment
- Yearly bonus of 16%
- International working environment (+ business travels from time to time)
- Medical, sport, insurance and cultural benefits packages
- English lessons
- Hybrid working model (3 days office, 2 days remote/week)
- Company car or car allowance