Handling incident response procedures in the Security Operations Center in cooperation with our external IT security service provider
Interpretation of alarms from SIEM and IDS/IPS systems as well as other common IT infrastructure security solutions
Evaluation of log data, forensic analysis of malware samples and recommendation of appropriate countermeasures in the event of security incidents
Anomaly and attack pattern detection along the cyber kill chain, for example as part of threat hunting
Actively stopping malware propagation, C2 communication, active exploitation, intrusions and data exfiltration
IT security support and further technical advice for business departments on IT security issues
Further development of IT security standards, architectures and processes at EDAG, incorporating the latest technologies and implementing additional security alerting and solutions
Participation in penetration tests
Requirements (expected):
Successfully completed degree in computer science, information technology or comparable training
At least 3 years of professional experience in one of the following areas: Incident Response, Malware Analysis or Pentesting
Good knowledge of computer networks (OSI layers) and operating systems (Windows/Linux) as well as prior experience analyzing Windows/Linux logs; experience with macOS is an advantage
Experience in dealing with common IT security systems as well as manual and tool-supported attack techniques
Experience with Google Security Operations (formerly Chronicle), Elastic Stack and Microsoft Defender is desirable
Experience in identifying and evaluating Indicators of Compromise (IoCs) and Threat Intelligence (TI) information, including domain and website analysis as well as assessing domain metadata and reputation
Ability to understand complex organizational relationships and areas of responsibility within a large organization and to apply security roles in accordance with information security guidelines
Ability to work in an international remote team and communicate with different cultures
Analytical thinking and problem-solving skills
Ability to work independently, take initiative and be resilient in critical situations
Certifications in offensive or defensive cyber security (e.g. OSCP, CISSP or SANS GIAC) are an advantage
Fluent English; German is an additional advantage
Offered:
stable employment based on an employment contract (UoP) or a B2B contract,
flexible working hours, hybrid work and remote work,
opportunities for professional development in an international environment,
clearly defined promotion rules based on experience and performance evaluation, performance-based remuneration system,
benefits after a 3-month probation period, including: access to the MultiLife platform (free consultations with specialists such as psychologists, personal trainers, etc.), MyBenefit cafeteria – co-financing for a MultiSport card or cultural events, private medical care, paid leave,
EdenRed lunch card (PLN 300/month),
group insurance,
German and/or English language courses,
certified professional training and soft skills workshops,
friendly office atmosphere and team-building outings.
Benefits:
sharing the costs of sports activities
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses
life insurance
remote work opportunities
flexible working time
integration events
no dress code
coffee / tea
leisure zone
meal passes
sharing the costs of tickets to the movies, theater