Cyber Security Senior Analyst
Security
Cyber Security Senior Analyst
Warszawa
Type of work
Undetermined
Experience
Senior
Employment Type
Permanent
Operating mode
Remote
Tech stack
SSO
Security
IT Security
Cybersecurity
SAML
Job description
Online interview
Stanley Black & Decker is the largest tool manufacturer in the world (Fortune 500). Our industrial tool businesses build the tools that build your world. Our brands: Stanley, Black&Decker, DeWalt, Porter-Cable, Mac Tools, Facom, Usag, Bostitch.
Our website: http://kariera.sbdinc.pl/
Currently we’re looking for:
Senior Cyber Security Analyst (Poland, Remote)
Location: Remote (with possibility of using our Warsaw Office)
Purpose:
The Senior Security Analyst is responsible for participating in a Cyber Security Operations team focused on implementing Global IT’s ongoing Cybersecurity response processes and counterattack information security issues in a diverse and highly complex Global enterprise IT environment.
Act as an advisor and a Subject Matter Expert (SME) for all aspects of Cyber Security as it pertains to in-region SBD Operational Technology sites. Monitor all local and regional Regulatory and Compliance as they pertain to maintaining Cyber effectiveness of all regional SBD sites.
Responsibilities:
- Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.
- Serve as project manager/lead within IT security projects.
- Address questions from internal and external audits and examinations.
- Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including SOX, PCI.
- Facilitate IT security/risk training curriculum.
- Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the SBD.
- Keep up to date with the latest security and technology developments.
- Research/evaluate emerging cyber security threats and ways to manage them.
- Plan for disaster recovery and create contingency plans in the event of any security breaches.
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity.
- Test and evaluate security products.
- Design new security systems or upgrade existing ones.
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Engage in 'ethical hacking', for example, simulating security breaches.
- Identify potential weaknesses and implement measures, such as firewalls and encryption.
- Investigate security alerts and provide incident response.
- Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
- Generate reports for both technical and non-technical staff and stakeholders.
- Maintain an information security risk register and assist with internal and external audits relating to information security.
- Monitor and respond to 'phishing' emails and 'pharming' activity.
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
- Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
Requirements:
- Relevant Higher Degree – IT, Engineering or related
- 4-6 y. experience with cybersecurity, IT audits or related
- Experience designing and implementing security solutions, experience in cybersecurity operations
- Preferred Certifications: CISSP, GIAC, or CISM
- Skilled in Encryption Tools, techniques and processes in a large enterprise environment
- Expertise and experience with SAML / Single Sign On tools, techniques, and authentication with SaaS applications
- Experience with Identity and Access Management
- Skilled in Endpoint / Server Security tools, techniques in large enterprise environment
- Strong English language skills, with excellent communication skills
- Good analytical & executing skills, demonstrated ability to assess security threats and efficiently execute actions that prevent impacts from new/emerging vulnerabilities, exploitation techniques, and attack vectors.
- Able to work in partnership with SBD Stakeholders - Infrastructure Services Tower and User and Site Services teams
We offer:
- Virtual / Remote with possibility to use the office occasionally (New office location – 10 meters from Metro Rondo Daszyńskiego underground station)
- Labor law contract
- Work in an international company giving a good opportunity to develop professional and foreign language skills
- Attractive benefits: Private medical care, life insurance, multisport/ edenred card
- International projects
- Training & courses
- Room for realizing own ideas, creative solutions
Check similar offers
