Lead Security Analyst - Smart City
Łódź, Łódź, Łódź Voivodeship, Poland
INCUBLY SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
15. 3. 2025
About the position

Workplace: Łódź

Technologies we use

Expected

  • SIEM
  • IDS/IPS
  • EDR
  • TCP/IP
  • DNS
  • HTTP
  • AWS
  • Microsoft Azure
  • Google Cloud Platform

Optional

  • Crowdstrike
  • Rapid7
  • Digital Shadows

About the project

We are working with a fast-growing technology company committed to protecting its digital assets and maintaining a secure environment for its customers and employees. We seek a highly experienced and exceptionally skilled Lead Security Analyst to join our Security Operations team.

This is a critical role that will be instrumental in shaping the future of our security posture. We need an expert who can take the reins and elevate our detect and respond capabilities to the next level. This position demands a deep understanding of security principles, a proven track record of success, and the ability to lead in a fast-paced, dynamic environment. You will be responsible for designing, implementing, and managing security monitoring, threat intelligence, incident response, and vulnerability management processes. If you are a security leader with a passion for building world-class security programs and thrive on tackling complex challenges, we encourage you to apply.

Your responsibilities

  • Develop a comprehensive and cutting-edge detect and respond program, encompassing people, processes, and technology.
  • Evaluate, select, and implement advanced security monitoring tools (SIEM, EDR, etc.) and ensure seamless integration with our existing infrastructure.
  • Establish proactive threat intelligence processes to identify and mitigate emerging threats, with a focus on advanced persistent threats (APTs).
  • Define and refine incident response playbooks and procedures, incorporating industry best practices and innovative approaches.
  • Conduct regular security assessments, vulnerability scans, and penetration testing to proactively identify weaknesses and vulnerabilities.
  • Lead complex incident response efforts, from triage and investigation to containment, eradication, and recovery, ensuring minimal business impact.
  • Perform thorough post-incident analysis to identify root causes and drive continuous improvement, leveraging advanced forensic techniques.
  • Champion security awareness and best practices across the organization through comprehensive training programs and collaborative initiatives.
  • Provide expert guidance on security incident response and threat mitigation to different teams, fostering a security-first culture.
  • Partner with IT and engineering teams to integrate security controls into systems and applications throughout the software development lifecycle.
  • Continuously evaluate and improve the effectiveness of the detect and respond program, staying abreast of industry trends and emerging technologies.
  • Provide technical leadership and mentorship to security analysts, fostering their professional development and expertise.
  • Mentor and coach team members, providing guidance and support to help them grow their skills and knowledge in security operations and incident response.
  • Foster strong collaboration with internal teams, Managed Security Service Providers (MSSPs), and other stakeholders to ensure a unified security posture.
  • Communicate security risks and recommendations to senior management, influencing strategic decision-making.

Our requirements

  • Extensive Experience: 10+ years of proven experience in security operations, with a strong emphasis on detection and response, preferably in a complex and dynamic environment.
  • Expert-level understanding of security principles, best practices, and common security architectures.
  • In-depth knowledge of advanced attack vectors, threat actor TTPs, and cyber kill chain methodologies.
  • Hands-on experience with a wide range of security monitoring tools (SIEM, IDS/IPS, EDR, SOAR, etc.).
  • Strong understanding of networking concepts, protocols (TCP/IP, DNS, HTTP, etc.), and network security, including cloud networking.
  • Expertise in log analysis, interpretation, and correlation, utilizing advanced analytics and threat-hunting techniques.
  • Deep familiarity with cloud security concepts, tools, and best practices (AWS, Azure, GCP).
  • Experience with Crowdstrike, Rapid7, Digital Shadows, and native cloud security tools is highly desired.
  • Demonstrated ability to lead and mentor high-performing security teams, specifically in the areas of SecOps and detect and respond.
  • Excellent communication and interpersonal skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences, including executive leadership.
  • Strong analytical and problem-solving abilities, with a proven track record of resolving complex security incidents.

Optional

  • One or more relevant security certifications are highly preferred, such as CISSP / CISM / GCIA / GCIH / AWS Certified Security - Specialty / Certified Cloud Security Professional (CCSP).

This is how we organize our work

This is how we work

  • at the client's site
  • you focus on a single project at a time
  • you have influence on the choice of tools and technologies
  • you have influence on the technological solutions applied
  • you have influence on the product
  • you focus on product development
  • you focus on code maintenance
  • agile
  • scrum

This is how we work on a project

  • Continuous Deployment
  • Continuous Integration

Development opportunities we offer

  • assistance in preparing for public speeches
  • intracompany training
  • mentoring
  • substantive support from technological leaders
  • support of IT events
  • technical knowledge exchange within the company

What we offer

  • Knowledge sharing within our company.
  • Agile and friendly atmosphere, non-violent communication and full respect for diversity.
  • Possibility to choose between onsite (in Łódź, Poland) and hybrid work (meetings from time to time in our office in Łódź city centre).
  • Remuneration on B2B contract: 1.200 - 1.500 PLN net/day or 19.000 - 24.000 PLN gross on Employment Agreement (UoP)
  • Possibility to engage not only technically, but also have an impact on the small company culture.

Benefits

  • sharing the costs of sports activities
  • private medical care
  • flexible working time
  • integration events

Recruitment stages

  • Interview meeting with Incubly
  • Technical Meeting with the Client
  • Feedback + final decision

Our Architecture and Technology Stack

Security Tools & Platforms

  • SIEM: Splunk, Microsoft Sentinel, IBM QRadar
  • EDR/XDR: CrowdStrike Falcon, Microsoft Defender, SentinelOne
  • IDS/IPS: Snort, Suricata, Palo Alto Threat Prevention
  • Cloud Security: AWS Security Hub, Azure Defender, Google Chronicle
  • Vulnerability Management: Rapid7 InsightVM, Nessus, Qualys
  • Threat Intelligence: Digital Shadows, MISP, Recorded Future

Key Protocols & Frameworks

  • Network Protocols: TCP/IP, DNS, HTTP, VPN, TLS/SSL
  • Security Frameworks: MITRE ATT&CK, Cyber Kill Chain, Zero Trust
  • Compliance: PCI DSS, ISO 27001, NIST CSF
  • Cloud Security & DevSecOps: CI/CD security integration, IaC (Terraform, Ansible)
  • Threat Hunting & Incident Response: YARA, Sigma, Velociraptor

Architecture Overview

  • Hybrid Security Model: On-prem & cloud security integration
  • Proactive Threat Detection: AI-driven analytics, threat intelligence automation
  • Security Operations Leadership: MSSP collaboration, SecOps strategy

INCUBLY SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ

Hey! Nice to see you!

Let’s share our stories to get to know each other a bit better. We are business and technology enthusiasts, constantly hungry for new challenges and for developing ourselves and others, and nothing motivates us more than great software products and happy customers.

At Incubly, we believe that great people want to work with great people, so we set out to build a company that attracts great minds and where we can achieve everything without feeling that we are working, just having fun.

Our mission is mainly to support tech companies and startups (scaleups) in scaling up their teams quickly and with high quality, and to boost their product development, testing, and deployment, so that we can succeed together.

I hereby give consent for my personal data included in my application to be processed by Incubly Sp. z o.o. for the purposes of the recruitment process under the Regulation of the European Parliament and of the Council of the European Union of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
