SOC Analyst

Devire

Warsaw, mazowieckie

Devire
Devire is an international company specializing in recruitment, outsourcing and employer branding services. For more than 30 years, we have represented leading employers on the European market, by carrying out comprehensive recruitment projects, implementing the latest solutions in the area of IT services and by supporting in building the image of the employer of choice.

Our offices are located in Warsaw, Wroclaw, Poznan, Katowice as well as Munich, Frankfurt, Prague and Hradec Kralove.

SOC Analyst

Location: Warsaw

For our Client, a global animal health company, we are looking for candidates to join the international team as a SOC Analyst in Warsaw.

What you'll do:

  • Work with the company's 24x7 MSSP Security Operations Center (SOC), to detect and appropriately react to information security incidents at Tier 2 and 3 levels globally including onsite, manufacturing sites, the public and private Cloud (MS Azure), and on SaaS applications
  • Review, escalate or receive escalated security alerts from the MSSP SOC or internal security systems, perform the triage analysis necessary to identify if the alert is a false positive and determine whether or not the related event(s) represent a security incident
  • Conduct investigations of and responses to the identified incidents
  • Coordinate with internal and external teams including forensics and legal to identify root cause, restore services, and communicate status to affected stakeholders
  • Carry out triage on security events raised by our 3rd party SOC as well as security log data from other security devices. Appropriately classify and raise incidents in the ticketing system
  • Foster relationships between internal teams (e.g., legal, IT operations, compliance) and external teams (e.g., law enforcement agencies, vendors, and public relations professionals)
  • Detect and analyze incidents, and coordinate activities with other stakeholders for containing, eradicating and recovering from incidents
  • Help establish playbooks and identify opportunities for automation within incident response processes. Utilize and adhere to defined workflow and processes driving incident response and mitigation efforts
  • Assist in the design and management of tools that monitor, detect, and report security-related events
  • Collect supporting information and/or relevant artifacts in support of incident response activities
  • Conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents
  • Leverage basic forensic tools, techniques, and capacities to support incident response activities
  • Execute e-discovery and computer forensic activities as necessary to support investigative matters
  • Research and collect information on threats to the organization through communication with other partner institutions, mailing lists, open-source news, and industry partnerships
  • Assist with other Information Security projects as needed

Who you are:

  • 2-4 years of information security experience, preferably within a SOC or IR team
  • Demonstrated experience of incident response activities including security event monitoring concepts, escalation, and containment processes
  • Knowledge of security tools (e.g. Anti-malware, IPS, full packet capture and host/network forensics)
  • Knowledge of incident response frameworks and handling procedures
  • Strong analytical and critical thinking skills, including being detail-oriented
  • Strong troubleshooting, reasoning and problem-solving skills
  • Team player with the ability to work autonomously
  • English: Advanced/Fluent

Nice to have skills:

  • Relevant certifications in information security (such as GCIA, GCIH, CEH, SSCP, etc.)
  • Knowledge of networking (including the OSI model, TCP/IP, DNS, HTTP, SMTP), cloud computing (Azure preferred), system administration, and security architecture
  • Program and scripting experience
  • Experience with SIEM technologies for developing dashboards and metrics
  • Ability to interact with business and technical audiences across all levels of the organization

Our Client offers:

  • Contract of employment
  • Challenging projects using cutting edge tools and technologies
  • Gain experience helping to build a new secure infrastructure for the entire company
  • Private medical care
  • Life and Disability insurance
  • Flexible office hours
  • Dedicated training programs
  • Sport/fitness card
  • Modern collaborative workspace located in Warsaw Hub next to the Rondo Daszynskiego Metro station
  • Possibility to work and grow in an international environment
  • A chance to work with and become one of the top engineers in the world in your desired field of technology