Cybersecurity Analyst (SOC Tier 3)

Your new company

International well-known company is entering to Cracow market and establishing Security Operations Center. Company is offering new job opportunities to specialists in a field of SOC operations.

Your new role

Cyber Security Analyst is responsible for the real-time identification and alerting of information security events that pose an immediate risk to company’s employees, customers, suppliers, shareholders, partners, or business operations.

Your responsibilities

• Configuring and maintaining monitoring, correlation, and alerting solutions in order to ensure that only relevant security related issues are being identified and alerted upon.
• Correlating events being reported across multiple systems and areas of the network that identify a potential security incident, initiating the security incident response process to ensure that the situation is contained and addressed accordingly.
• Configuring the security solutions used to protect company assets in such a manner that all pertinent events are being reported through the implemented SIEM solution.
• Configuring and maintaining the implemented SIEM solution in order to identify and alert upon potential security events, while simultaneously minimizing false positives.
• Contributing to investigations being conducted by the Information Security team.
• Contributing to the maintenance of a DLP solution in an effort to notify the appropriate parties of violations, and to minimize false positives.
• Contributing to the configuration of host and network based intrusion detection and prevention solutions, facilitating the identification of potential security incidents.
• Creating and maintaining information security monitoring dashboards for the Information Security team and management, in order to provide varying levels of visibility into the security events within the environment, both real-time and over extended periods.
• Deploying security solution agents to systems and devices in order to ensure that all security and monitoring solutions are able to effectively monitor and report upon security events occurring within the environment.
• Contributing to the review and selection of Information Security solutions.
• Engaging key service providers as security issues are identified in association with their managed systems and infrastructure, and working with the providers to ensure that they are aware of the impact, and are working towards resolution at a pace that aligns with company’s incident response requirements.
• Contributing to the compilation of monthly issue and trend reports for distribution to the Enterprise Security & Support management.
• Suggesting changes to the environment that would assist with eliminating vulnerabilities and mitigating the risk of exploitation resulting in potential incidents.
• Contributing to the documentation and maintenance of team processes and documentation.
• Contributing to the design and implementation of ticketing solution enhancement efforts, with the intent to streamline monitoring, alerting, and incident management efforts.
• Suggesting and implementing process improvements based upon lessons learned.
• Designing and building custom scripts required to facilitate logging and alerting requirements.
• Performing other Enterprise Security & Support tasks as required and assigned.
• Serves as an escalation point for potential security related incidents.

What you'll need to succeed

• Candidates for this position should have at least 7 years of Information Security experience and knowledge of the following:
• Experience with managing SIEM solutions
• Strong understanding of how attacks are performed against a system or network, and how to detect such attacks
• Advanced analytical skills
• Able to remain calm and diplomatic in high stress situations
• Able to track and manage a large number of simultaneous activities, as well as cross-team dependent activities
• Able to work collaboratively with minimal supervision
• Effectively escalates items as required, and can influence decisions and actions without direct authority
• Able to learn new technologies and processes quickly
• Able to quickly adapt to changes in timelines and sequences
• Able to work off hours when required
• Documenting work papers as evidence of control success or deficiency
• Strong verbal and written communications skills
• CISSP, CEH, GIAC certification preferred

Working Hours

• 8am – 6pm local time- 4 days per week
• Hybrid working model (office 2x/week)