Cyber Defense GSOC L3 Analyst

Security

Warszawa +4 Locations

WTW

Full-time
Permanent
Senior
Remote

Job description

Your responsibilities:

  • Lead incident response — oversee investigation, containment, and eradication of cybersecurity threats; identify and implement mitigation actions; escalate high‑severity incidents and ensure proper handling

  • Guide and manage the team — line-manage 5–10 L1/L2 analysts through coaching, mentoring, performance reviews, and operational planning for 24/7 SOC coverage

  • Drive technical excellence — lead threat hunting through log analysis and SIEM/UEBA/EDR tools; apply threat intelligence; review tuning recommendations; support complex investigations and on‑call escalation

  • Ensure operational quality — conduct quality audits of L2‑handled incidents, support handover calls, maintain up‑to‑date playbooks/runbooks, and identify improvements including automation opportunities

  • Communicate effectively — brief security leadership on key incidents; collaborate with global SOC teams, technical stakeholders, and business functions such as GRC, Legal, and Audit

Our requirements:

  • Experience & expertise — 6+ years in a mature SOC/Cyber Defence environment, with strong troubleshooting, investigation, and decision‑making skills under pressure

  • Technical proficiency — hands‑on use of SIEM/UEBA/EDR; ability to analyze logs, correlate data, reconstruct attack timelines, and use tools like Wireshark, Python, PowerShell, EDR telemetry, and network forensics solutions

  • Communication skills — excellent written and verbal English, ability to explain findings to both technical and non‑technical audiences, and produce structured reports

  • Leadership & teamwork — proven ability to guide, mentor, plan workload, support training programs, and coordinate across global teams in a 24/7 environment

  • Knowledge base — strong understanding of attack methods; working knowledge of Linux/macOS/Windows; familiarity with broader IT areas (WAF, databases, Active Directory, DLP, firewalls, proxies). Security/network certifications are a plus

What we offer:

  • Flexible work model – possibility to work primarily from home

  • Team‑based environment with a strong culture of knowledge sharing

  • Growth opportunities – access to WTW’s global expertise and resources

  • Great working atmosphere – a supportive team and a culture built on mutual respect

  • Security and stability – employment under a full‑time contract in a leading international brokerage firm

  • Comprehensive benefits package funded by the employer, including bonus and incentive systems

Benefits:

  • Private medical care

  • Benefits cafeteria & Multisport

  • Employee Assistance Program

  • Life insurance

  • Hybrid work model

  • Volunteer Day

  • Subsidy for glasses

  • Subsidy for language learning

  • Opportunities to obtain professional qualifications

  • Recognition HUB

  • Social benefits from the Company Social Benefits Fund (ZFŚS)

  • PPE (employee pension programme)

Tech stack

  • English: B2

  • EDR: regular

  • SoC: regular

  • SIEM: regular

  • Cyber Defence: regular

  • UEBA: regular

About the company

WTW

WTW Consulting Sp. z o.o. is a company operating in the advisory sector, specializing in the provision of consulting services. The company is part of the global Willis Towers Watson group and is headquartered in Warsaw. It offers...