#1 Job Board for tech industry in Europe

  • Job offers
  • Cybersecurity Analyst (SOC Tier 3)
    Security

    Cybersecurity Analyst (SOC Tier 3)

    Kraków
    Type of work
    Full-time
    Experience
    Senior
    Employment Type
    Permanent
    Operating mode
    Hybrid

    Tech stack

      Information Security

      master

      SIEM

      master

      Incident Response

      master

      DLP

      advanced

    Job description

    Your new company

    International well-known company is entering to Cracow market and establishing Security Operations Center. Company is offering new job opportunities to specialists in a field of SOC operations.


    Your new role

    Cyber Security Analyst is responsible for the real-time identification and alerting of information security events that pose an immediate risk to company’s employees, customers, suppliers, shareholders, partners, or business operations.


    Your responsibilities

    • Configuring and maintaining monitoring, correlation, and alerting solutions in order to ensure that only relevant security related issues are being identified and alerted upon.
    • Correlating events being reported across multiple systems and areas of the network that identify a potential security incident, initiating the security incident response process to ensure that the situation is contained and addressed accordingly.
    • Configuring the security solutions used to protect company assets in such a manner that all pertinent events are being reported through the implemented SIEM solution.
    • Configuring and maintaining the implemented SIEM solution in order to identify and alert upon potential security events, while simultaneously minimizing false positives.
    • Contributing to investigations being conducted by the Information Security team.
    • Contributing to the maintenance of a DLP solution in an effort to notify the appropriate parties of violations, and to minimize false positives.
    • Contributing to the configuration of host and network based intrusion detection and prevention solutions, facilitating the identification of potential security incidents.
    • Creating and maintaining information security monitoring dashboards for the Information Security team and management, in order to provide varying levels of visibility into the security events within the environment, both real-time and over extended periods.
    • Deploying security solution agents to systems and devices in order to ensure that all security and monitoring solutions are able to effectively monitor and report upon security events occurring within the environment.
    • Contributing to the review and selection of Information Security solutions.
    • Engaging key service providers as security issues are identified in association with their managed systems and infrastructure, and working with the providers to ensure that they are aware of the impact, and are working towards resolution at a pace that aligns with company’s incident response requirements.
    • Contributing to the compilation of monthly issue and trend reports for distribution to the Enterprise Security & Support management.
    • Suggesting changes to the environment that would assist with eliminating vulnerabilities and mitigating the risk of exploitation resulting in potential incidents.
    • Contributing to the documentation and maintenance of team processes and documentation.
    • Contributing to the design and implementation of ticketing solution enhancement efforts, with the intent to streamline monitoring, alerting, and incident management efforts.
    • Suggesting and implementing process improvements based upon lessons learned.
    • Designing and building custom scripts required to facilitate logging and alerting requirements.
    • Performing other Enterprise Security & Support tasks as required and assigned.
    • Serves as an escalation point for potential security related incidents.



    What you'll need to succeed

    • Candidates for this position should have at least 7 years of Information Security experience and knowledge of the following:
    • Experience with managing SIEM solutions
    • Strong understanding of how attacks are performed against a system or network, and how to detect such attacks
    • Advanced analytical skills
    • Able to remain calm and diplomatic in high stress situations
    • Able to track and manage a large number of simultaneous activities, as well as cross-team dependent activities
    • Able to work collaboratively with minimal supervision
    • Effectively escalates items as required, and can influence decisions and actions without direct authority
    • Able to learn new technologies and processes quickly
    • Able to quickly adapt to changes in timelines and sequences
    • Able to work off hours when required
    • Documenting work papers as evidence of control success or deficiency
    • Strong verbal and written communications skills
    • CISSP, CEH, GIAC certification preferred


    Working Hours

    • 8am – 6pm local time- 4 days per week
    • Hybrid working model (office 2x/week)

    Check similar offers

    Cybersecurity Engineer - Data Protection

    New
    GPC Global Technology Center
    Undisclosed Salary
    Kraków
    MS Purview
    OneTrust
    Code42

    Cyber Threat Intelligence Team Lead

    New
    Bank Millennium
    Undisclosed Salary
    Wrocław
    Security
    Threat hunting

    Cloud Security Architect

    New
    Alior Bank SA
    Undisclosed Salary
    Kraków
    Microsoft 365
    Google Cloud Platform
    Entra ID

    Google Cloud Security SME

    New
    Team Up
    6.86K - 7.35K USD
    Warszawa
    , Fully remote
    Fully remote
    Google Cloud Platform
    Security

    IT Security Specialist (SoD)

    New
    ERGO Technology & Services
    Undisclosed Salary
    Warszawa
    IAM
    English