Analyst, Cyber Threat Response
Warszawa
technologies-expected :
Windows Server
responsibilities :
Monitor, detect & respond to any potential security threats and risks to the organisation, using the available technology toolset
Correlate and consolidate the alerts, reports, anomalies and other intelligence sources, put the threat/risk in context, and determine event/incident urgency and priority, and initiate an appropriate response
Continuously improve the accuracy and relevance of the Bank’s detection tools and capabilities to keep pace with changing environments and regulatory/compliance requirements
Adhere to the defined security monitoring processes and procedures, and initiate improvements to them, driving maturity and relevance
Track and report the remediation of cybersecurity threats and risks, and provide domain expertise during remediation to the appropriate support groups
Track and document cybersecurity incidents from initial detection through final resolution
Operate within established standard operating procedures to handle security incidents
Research trends and countermeasures in computer/network vulnerabilities, exploits, and malicious activity
Support senior incident handlers during cybersecurity incident response activities
Perform root cause analyses and present findings to relevant stakeholders for remediation
Work closely with the other support groups to assess risk and provide recommendations for improving the Bank’s security posture
Work within a 24x7 shift model
Provide after-hours rotational coverage when required
requirements-expected :
Well-versed in Cybersecurity Incident Analysis and Response and Cybersecurity Defensive Operations (Blue Team)
Strong understanding of core Enterprise Information Technology and Computer Networking concepts (Desktop/Laptop, Mobile Device, Server, Network Device, LAN and WAN)
Basic knowledge of selected IT Service Management (ITSM) processes (Event Management, Incident Management, Change Management, Service Assets and Configuration Management, Service Level Management)
Exposure to Security Information and Event Management solutions, preferably Splunk ES. User Behaviour Analytics (UBA) exposure is desirable
Exposure to Endpoint Security and/or Endpoint Detection and Response tools, preferably Symantec
Demonstrated ability to work with a diverse, geographically-dispersed team
The following certifications are desirable but not mandatory: EC Council Certified Ethical Hacker (CEH), EC Council Certified Security Analyst (ECSA), SANS GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Axelos Information Technology Infrastructure Library (ITIL) v3 Foundation
offered :
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
Time off including annual leave, parental/maternity leave (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual leave and public holidays, which together come to a minimum of 30 days.
Flexible working options based around home and office locations, with flexible working patterns.
Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, a global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits.
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
Being part of an inclusive and values-driven organisation, one that embraces and celebrates our unique diversity across our teams, business functions and geographies, where everyone feels respected and can realise their full potential.