If you like change, change to us


We are an international mid-sized group with an appetite for innovation and approachable management, led by objectives and targets that give the opportunity for a wide range of empowerment. As a growth-oriented market leader, we invite you to join us on our journey from good to great!


Cyber Security Operations Engineer


Job Description:

  • Working as a key player in a dynamic and international team ensuring the security (confidentiality, integrity and availability, CIA) of the company's and, where relevant, its customers' systems and data.
  • The Cyber Security Engineer uses technical skills and knowledge of several security technologies to analyse and respond to security threats from various security platforms and technologies.
  • Responsible for initial triage of incoming security-related incidents. Automate the monitoring and analysis of logs and alerts from a variety of technologies across multiple platforms in order to identify and mitigate security incidents.
  • Experience and knowledge in technologies, methods and platforms:
    • SIEM, Azure Sentinel, Splunk, etc.
    • IDS/IPS, Firewalls, Network Access Control.
    • Phishing, Social Engineering methods.
    • MITRE framework, TTPs, Cyber Kill Chain, security baselines, penetration tests, Red Team vs Blue Team.
    • Behavioural analysis, anti-virus and EDR, endpoint protection and other advanced security systems.
    • Sandboxing, malware analysis, URL redirections, threat intelligence, threat hunting.
    • Servers and workstations running various operating systems (Microsoft, Linux, Unix, macOS, Citrix).
    • Other security technologies such as public cloud (Azure, AWS), CASB, SASE and SSE.
  • Assess the security impact of security alerts and traffic anomalies to identify malicious activity, and take mitigating actions or escalate to other operations teams or management as appropriate.
  • Enable OS hardening across multiple operating systems like Linux and Windows.
  • Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures.
  • Process tactical mitigations based on results of analysis and determination of threat validity.
  • Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination.
  • Document the results of cyber threat analysis effectively and prepare a comprehensive handoff and/or escalation for Incident Response, forensics or other teams.
  • Support in writing technical articles and presentations for knowledge sharing within the team, when necessary.
  • Coordinate with other departments on exercises, programs, and workshops, as needed.
  • Develop and report enterprise-level metrics for cyber security, vulnerabilities, risk, and remediation progress or mitigation steps. Understand, demonstrate, and educate stakeholders on the real-world impact of threats and vulnerability exploitation in a given environment.
  • Assist in designing security strategies and concepts for servers, clients, and other ICT systems to support a growing global enterprise network in line with company goals, working to existing standards and developing new ones.
  • Participate in assessments and audits of security risks, threats and vulnerabilities.
  • Analyse internal and external network, server and application activity using various tools.
  • Improve security related monitoring and alerts by using automation where applicable.
  • Identify and provide mitigation/improvement steps for any security gaps in networks, servers and applications.
  • Participate in new security solutions evaluation, design and implementation.
  • Provide information security requirements advice and counsel to various teams.
  • Stay on top of technology advancements in IT, specifically network and system security; be aware of malicious attack vectors, common vulnerabilities, and best-practice security defences.
  • Implement and maintain (where required) documentation, licences, etc.
  • Communicate, work with and coordinate actions with third parties, external consultants and engineers.


Education & Experience:

  • Degree in computer science or 3+ years' experience working in IT, with at least 2 years' experience working within a SOC or operational security team.
  • Licences/Certifications: industry-recognised certifications preferred, from: CISSP, CISM, CEH, CompTIA Security+, OSCP, CCSP, Microsoft (Cloud, Hybrid, Azure, legacy e.g. MCSE).


Profile:

  • Background in security threat analysis and threat hunting with ability to determine risk level of identified threats and necessary urgency in remediation.
  • Possess strong technical understanding of common network and system vulnerabilities.
  • Understanding of networking principles (OSI model, routing, TCP/IP), Windows and Linux operating systems, and basic administration.
  • Knowledge of best practices in common security technologies and methodologies.
  • Problem-solving skills and the ability to work under pressure in a fast-paced environment.
  • Experience working with cross-business and cross-functional teams in a geographically distributed environment.


Contact for this position: Marta Rachwał


NORMA Polska Sp. z.o.o.
Gabrieli Zapolskiej 44
30-126 Krakow, Poland