Who we are:

ArcelorMittal Business Center of Excellence (BCOE) is the business services competency center at ArcelorMittal Europe - a global leader in the steel and mining industries. BCOEs mission is to provide business services to the ArcelorMittal in the most cost-effective and timely manner to enable it to concentrate on its core tasks. BCOE has experience resources and uses state of the art tools to deliver best-in-class service and cost competitiveness to ArcelorMittal Group, its affiliates and also external clients. We are a results-oriented company for which passion, people and progress are extremely important. We value diversity and integration in the workplace, and our strength lies in multicultural teams. We attach great importance to the support and development of our employees.

For more information please check out our website: https://bcoe.arcelormittal.com/

Where we are: Company headquarters is located in Poland in Dąbrowa Górnicza

About our IT Team:

We are hiring more than 100 employees in IT domain. Our IT Team consists of: SAP solutions, development (e.g. PowerBI, Python), RPA, infrastructure& service desk, cybersecurity, project management and we are constantly growing !

Join our Team in BCOE !

What we can offer you on employment contract:

• Private medical care in Medicover
• Co-financing for meals
• Sharing the costs of foreign language classes
• Sharing the costs of professional training & courses
• Remote work opportunities
• Flexible working time
• Integration events
• Retirement pension plan
• Saving & investment scheme
• Preferential loans
• No dress code
• Coffee / tea
• Parking space for employees
• Leisure zone
• Extra social benefits
• Kindergarten / nursery

✔ Main activities as IT Security Specialist

Primary responsibility will be conducting manual and automated pentests of Web applications, both internal and exposed to the Internet. This position require also further development of various Security solutions and services that aim to protect endpoints and data, to evaluate vulnerabilities, to monitor security breaches and support incident response. You will also support Security Operations Center in daily duties and investigation on escalated events from different security platforms.

✔ Key responsibilities:

Pentesting Web Applications:

• Perform manual and/or automated pentests of Web Applications accordingly with schedule or on-demand
• Perform discovery scans on a given scope to determine any existing applications not yet listed in inventory
• Gather information necessary to conduct authenticated and/or non-authenticated tests
• Maintain solutions used for automated scans, ensure proper scheduling and least privilege principle
• Support team and local units in executing post-pentest recommendations

Security tools management:

• Supporting SOC team in monitoring EDR, NDR, SIEM platforms when needed
• Ensure that security monitoring tools are working properly
• Support team in deployment of necessary security tools in the infrastructure
• Contribute to the development of operating capabilities of the team members
• Interpret results of vulnerability scans in context of ongoing security incidents

Possible evolutions:

• Security expertise, Forensics, Purple team pentests
• Technical domains to be covered
• Burp Pro, Nmap
• Purplemet, Qualys, Bitsight
• Vulnerability scanner, preferably Tenable Security Center

✔Requirements:

• Essential understanding of at least 3 of below knowledge domains:
• Web Application pentesting
• Windows/AD Administration
• Linux Administration
• Networking
• Security Monitoring
• Vulnerability management
• Forensics & Incident Response
• Good knowledge and strong interest in IT Security (best-practices, standards, technology)
• A proven experience of working with security tools like AV, EDR, SIEM, NDR
• Experience with security incidents handling as advantage
• Quick learner with strong time management skills
• Able to work in multi stakeholder environment
• Strong troubleshooting skills and good attention to details
• Curiosity and ability to learn