CSIRT Security Engineer

Experis to światowy lider rekrutacji specjalistów i kadry zarządzającej w kluczowych obszarach IT. Z nami znajdziesz konkurencyjne oferty zatrudnienia oraz ciekawe projekty IT skierowane zarówno do ekspertów z wieloletnim doświadczeniem, jak i osób, które dopiero zaczynają swoją przygodę w branży IT.

Location: Warsaw Salary: 100-120 pln/h Contract: B2B-12 months, full time Minimum 40% office presence in customer office is required. Mission & Context: Join the Computer Security Incident Response Team (CSIRT) within the Cybersecurity & IT Risks Centre of Expertise (banking industry) The CSIRT is responsible for managing cybersecurity incidents; The team is expanding to Poland, with CSIRT Security Engineers working alongside colleagues in France and other European countries. Key Responsibilities:

• Incident Handling & Response: Manage and respond to cybersecurity incidents.
• Investigations & Forensics: Conduct investigations, including digital forensics.
• Data Leak Protection: Implement and monitor data leak protection measures.
• Phishing Identification: Detect and respond to phishing attempts.
• Threat Hunting: Conduct threat hunting campaigns to proactively identify risks.
• Cyber Threat Intelligence: Produce and analyse cyber threat intelligence.
• Vulnerability Management: Identify, assess, and manage vulnerabilities.

Core Competencies & Education:

• Preferably MSc in Information Security.
• Fluent in English (written & verbal); French is a plus.
• Autonomy and ability to deliver within set timeframes.
• Strong organisational and analytical skills.
• Good interpersonal and communication skills; effective team player.
• Ability to function effectively in a matrix structure.
• Certifications such as GREM, Blue Team Level 1 (BTL1), Blue Team Level 2 (BTL2), Certified Red Team Expert (CRTE), or Certified Red Team Professional (CRTP) are a plus.

Experience & Technical Skills:

• Proven record as an incident handler or cyber threat intelligence (CTI) analyst.
• Proven experience in digital forensics.
• Experience using ServiceNow.
• Experience with EDR (e.g., Tanium), Antivirus (e.g., Trellix), SIEM (e.g., Elastic Search), and security tools (Netcraft, Virustotal, Symantec DLP, Ghidra).
• Detailed technical knowledge of attacker tactics, techniques, and procedures.
• Interest in all aspects of security research and development.

Engagement & Methodology:

• Engagement type: Time & Material (T&M).
• Delivery methodology: Agile with bi-weekly sprints.
• Governance: Quarterly planning, daily meetings, sprint planning, demos, and retrospectives.

Offer:

• Multisport Card
• Life insurance
• Private healthcare
• PowerYou platform