Cybersecurity Operations Engineer
Kraków
NR REF.: 1194079
Your new company
For our client, an international leader in the engineering and standardisation of fluid compounding and handling technologies, we are currently looking for a Cybersecurity Operations Engineer.
Your new role
• Working as a key player in a dynamic and international team ensuring the security (confidentiality, integrity and availability, CIA) of the company's and, where relevant, its customers' systems and data.
The Cybersecurity Engineer uses technical skills and knowledge of several security technologies to analyse and respond to security threats from various security platforms and technologies.
• Responsible for initial triage of incoming security-related incidents. Automate, monitor, and analyse logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate security incidents.
• Experience and knowledge of technologies, methods and platforms:
o SIEM, Azure Sentinel, Splunk, etc.
o IDS/IPS, Firewalls, Network Access Control.
o Phishing, Social Engineering methods.
o MITRE-Framework, TTPs, Cyber-kill-chain, Security Baselines, Pen-tests, Red Team vs Blue Team.
o Behavioural analysis, Anti-virus and EDR, end-point protection and other advanced security systems.
o Sandboxing, Malware analysis, URL redirections, Threat Intelligence, Threat Hunting
o Servers and workstations of various OS (Microsoft, Linux, Unix, macOS, Citrix)
o Other security technologies such as: Public Cloud: Azure, AWS, CASB, SASE, SSE.
• Assess the security impact of security alerts and traffic anomalies to identify malicious activities and take mitigating actions or escalate to other operations teams or management as appropriate.
• Enable OS hardening across multiple operating systems like Linux and Windows.
• Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures.
• Process tactical mitigations based on results of analysis and determination of threat validity.
• Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination.
• Document results of cyber threat analysis effectively and prepare comprehensive handoffs and/or escalations for Incident Response, forensics or other teams.
• Support in writing technical articles and presentations for knowledge sharing within the team, when necessary.
• Coordinate with other departments on exercises, programs, and workshops, as needed.
• Develop and report on enterprise-level metrics for cybersecurity vulnerabilities and risk and remediation progress or mitigation steps. Understand, demonstrate, and educate stakeholders on the real-world impact of threats and vulnerability exploitation in a given environment.
• Assist in designing security strategies and concepts related to servers, clients, and other ICT systems to support a growing global enterprise network in line with company goals; working to existing standards and developing new ones.
• Participate in security risks, threats and vulnerabilities assessments and audits.
• Analyse internal and external network, server and application activity using various tools.
• Improve security-related monitoring and alerts by using automation where applicable.
• Identify and provide mitigation/improvement steps for any security gaps in networks, servers and applications.
• Participate in new security solutions evaluation, design and implementation.
• Provide information security requirements advice and counsel to various teams.
• Stay on top of technological advancements in IT, specifically network and system security, be aware of malicious attack vectors, common vulnerabilities, and best-practice security defences.
• Implement and maintain (where required) documentation, licences etc.
• Communicating, working with and coordinating actions with third parties and external consultants and engineers.
What you'll need to succeed
Education & Experience:
• Degree in computer science or 3+ years' experience working in IT and at least 2+ years working within a SOC or Operational Security Team.
• Licences/Certifications: Industry recognised certifications preferred from: CISSP, CISM, CEH, CompTIA Security+, OSCP, CCSP, Microsoft (Cloud, Hybrid, Azure, legacy e.g. MCSE).
Profile:
• Background in security threat analysis and threat hunting with the ability to determine the risk level of identified threats and necessary urgency in remediation.
• Possess a strong technical understanding of common network and system vulnerabilities.
• Understanding of networking principles (OSI model, routing, TCP/IP), Windows and Linux operating systems, and basic administration.
• Knowledge of best practices in common security technologies and methodologies.
• Problem-solving skills and the ability to work under pressure in a rapidly paced environment.
• Experience working with cross-business and cross-functional teams in a geographically distributed environment.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.