Security Analyst
Warsaw, Masovian Voivodeship, Poland
Aviva Services Excellence Centre
2. 9. 2024
About the position

technologies-expected :


  • Active Directory

responsibilities :


  • Monitoring IT security breach incidents in real time - Work in a 24/7 Global SOC Team that operates in 12h shifts
  • Categorizing and prioritizing IT security incidents
  • Advanced analysis of detected IT security incidents, identifying security and threat levels
  • Gathering key information, analyzing and interpreting it for escalation to relevant support lines (including vendors) and asset/business owners
  • Finding correlation between detected cyber threats
  • Provision of recommendations for fine-tuning of correlation rules
  • Preparation of GSOC technical documentation (playbooks, response plans, processes)
  • Participation in projects carried out by GSOC and D&R as SME
  • Training of staff in their role, use of technology and tools
  • Performing other duties as directed by the supervisor.

requirements-expected :


  • Min. 1 year of experience as a SOC Analyst
  • Written and spoken English at B2/C1 level
  • Good knowledge of the security incident management process in accordance with the NIST standard
  • Ability to organize work independently and make key decisions autonomously during security incident analysis and prioritize them accordingly
  • Knowledge of the basics and main concepts of networking (network protocols, ISO/OSI model, etc.)
  • Very good knowledge of internal processes (e.g., logging and monitoring) and escalation mechanisms within the GSOC
  • Knowledge of IT service operations at ITIL Foundation level (change management, incident management, request management, etc.)
  • Knowledge of the internal architecture of Windows/Linux/iOS systems (e.g., Active Directory)
  • Very good knowledge of threat types and currently used cyber-attack techniques
  • Very good knowledge of the MITRE ATT&CK matrix and the Cyber Kill Chain methodology
  • Good knowledge of the functioning of security tools (DLP, EDR, SIEM, Firewall, IPS/IDS etc.)
  • Ability to gather and present a large amount of technical information in a concise and understandable form for colleagues
  • Finding correlations between security events detected in all GSOC-supported tools
  • Proactive approach in the context of security incident analysis
  • Skills and knowledge to provide appropriate recommendations for fine-tuning correlation rules
  • OSINT knowledge

offered :


  • Contract of employment
  • Performance Bonus
  • Private medical care (ENEL-MED)
  • Emotional support consultations
  • Cafeteria system of benefits (e.g. MultiSport card)
  • Additional parent privileges:
      • baby leave – 6 weeks leave for second parent
      • shortened working time after parental leave
  • Employer-funded group insurance
  • Employee Shares Plan
  • Extra day off for birthday
  • Paid time off to volunteer
  • Additional leave acquired over the years in the company (even 5 days more in a year)
  • Wellbeing Leave - additional two weeks paid leave after 10 years of service
  • Access to the e-learning platforms
  • Internal employee referral program
  • Hybrid working model from Poland with a few days in the Warsaw office per month (team meetings, onboarding, onsite trainings, etc.)
  • Attractive office location in Warsaw - Gdański Business Center
  • Additional entitlements for people with disabilities - Work Without Barriers
  • Work environment that promotes diversity - Diversity Charter

benefits :


  • sharing the costs of sports activities
  • private medical care
  • life insurance
  • remote work opportunities
  • flexible working time
  • extra leave
