The Global Cyber Security Analyst’s role is to support the Global Security Team to analyze and correlate global and regional cybersecurity data. This includes helping to monitor, triage, and prioritize the response to alerts for both cloud and traditional infrastructures.
Global Cyber Security Analyst
Warszawa- Employment contract
- Business working hours
- A global working environment where you will develop yourself
- Medicover - a medical care package
- benefit system - multisport card
- edenred - sports & culture card
- life insurance
- a working place where you can feel the sense of well being - e.g. yoga clasess in the office, Zen room, language courses and many more
- Monitor, triage, prioritize, coordinate events with global and regional teams, and respond to alerts for further investigation
- Perform technical analysis on a wide range of cybersecurity issues
- Document key event details and analytic findings in analysis reports and incident management systems
- Conduct enterprise security log collection, management, and analysis. Investigate SIEM events, alerts and tips to determine if an incident has occurred
- Integrate threat intelligence reporting & indicators of compromise to improve defenses and proactively mitigate new threats
- Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response activities
- Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response
- Support the production of effective situational awareness products with relevant metrics and visualizations for key stakeholders and leadership
- Function as the first line of cyber defense for the Cyber Security Incident Response Team (CSIRT)
- Ensure proper configurations and security controls of systems and agents
- Business international level of English – with strong written and oral communication skills.
- 5 + years of incident analysis, security architecture, malware research, SOC analyst, or any other similar incident response experience.
- Fundamental understanding of security tools such as SIEM, IDS/IPS, web proxies, DLP, SIEM, DNS security, DDoS protection, and firewalls
- Advanced knowledge of MITRE ATT&CK security framework, Cyber Kill Chain analysis, and/or other useful threat analysis models
- Advanced knowledge of the incident response process and industry best practices, TCP/IP protocols, computer networking, routing, switching, Window and Linux operating systems, and encryption technologies
- Experience analyzing and inspecting log files, network packets, and any other security tool information output from multiple system types
- Familiar with basic reverse engineering principles and understand of malware, rootkits, TCP/UDP packets, network protocols
- Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred
- Required flexibility to work nights, weekends, and/or holiday shifts in the event of an incident response emergency
- Ability to work independently and collaborate with geographically dispersed teams
- Occasional travel to support global cyber security operations and incident response may be necessary
Agencja zatrudnienia – nr wpisu 47
