Senior Cybersecurity Engineer will participate as an individual contributor within the Cybersecurity Operations team. Working most closely with Cybersecurity and IT Operations staff, but aiding in initiatives across Technology, the successful candidate will be a subject matter expert for all things security.
This role demands expertise in cybersecurity principles and technologies, encompassing risk assessment, security measure implementation, and incident response strategy development to ensure organizations resilience to cyberattacks.
Crucial responsibilities include upholding the confidentiality, integrity, and availability of vital information and staying abreast of the dynamic cybersecurity landscape through continuous learning and proactive security measures.
Majority of IT Operations and Cybersecurity teams are located in US, currently we expand our teams in Europe, based in our location in Gdańsk, Poland. In this role you will work in regular working hours of your time zone (no shifts expected).
responsibilities :
Implement and maintain the health of prioritized cybersecurity controls for the organization.
Implement and maintain the organizations abilities to detect potential security events and event risk.
Provide direction to infrastructure, IT operations, data and application developments groups on cybersecurity framework alignment and best practice.
Recommend configuration and image hardening through alignment with relevant CIS Controls.
Lead analysis of daily threats and provide recommendations and mitigating controls to reduce risk to the organization. Participate in the Cyber Incident. Response Team and aid in the containment and remediation of incidents.
Serve as the subject matter expert for supported security technologies and acts as subject matter expert during escalations.
Coordinate with IT stakeholders on the remediation of vulnerabilities found through internal scanners and external attack surface management.
Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
Involved in the implementation of a Zero Trust infrastructure with data security controls, including enhanced Zero Trust detection capabilities and improved event analysis.
Mentor Cybersecurity team members on effective identification and remediation of incidents.
Maintaining knowledge of industry and regulatory trends for enterprise technology.
requirements-expected :
5+ years’ experience in Cybersecurity roles required, 5-7 years in additional IT-related roles.
Bachelor’s degree preferred; advanced professional security certification (e.g. CISSP) is required.
IT experience in all aspects of Cybersecurity with a vast array of IT systems involving end users and enterprise-level networks.
Demonstrable experience recognizing and categorizing types of vulnerabilities and associated attacks.
Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Experience with Web Authentication concepts of SAML, OIDC, and OAuth2.
Experience developing and reviewing cybersecurity documentation, standard operating procedure (SOP).
Experience with GAP assessments, penetrations testing and techniques, and patch management.
Knowledge of common information security management frameworks, such as ISO, ITIL, COBIT, and NIST, including the Cybersecurity Framework and 800-53.
Experience with modern security tools in EDR/XDR (e.g. Crowdstrike), Vulnerability Management (e.g. Rapid7), Patch and Endpoint Management (e.g. Automox, Intune), Office 365 / Azure (e.g. Defender, Azure AD, Exchange), AWS, SIEM/External SOC/MDR (e.g. Arctic Wolf), Log Aggregation, Dynamic Code Scanning, EASM, Knowledge and Phishing (e.g. KnowBe4), and dynamic penetration testing.
Strong ability to communicate information security and risk-related concepts to technical and non-technical audiences at various hierarchical levels, ranging from board members to technical specialists.
offered :
Medical plan including dental and rehabilitation treatments.
Lunch card.
Benefit points, incl. Multisport and vendor discounts.
Hybrid work, 3 days of office presence per week. Remote, if located outside Gdańsk area.
IT equipment for your working space at home.
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses
remote work opportunities
flexible working time
fruits
integration events
dental care
computer available for private use
no dress code
coffee / tea
drinks
leisure zone
pre-paid cards
shopping coupons
sharing the costs of tickets to the movies, theater
