Cyber Security Operations Engineer
Kraków (PL-KRA), PL
NORMA Group
NORMA Group is a leader in joining and fluid technology, offering innovative solutions for key markets. We offer quality, variety, and customer focus worldwide.
If you like change, change to us
We are an international mid-sized group with an appetite for innovation and approachable management, led by objectives and targets that give a wide range of empowerment. As a growth-oriented market leader, we invite you to join us on our journey from good to great!
Job Description:
- Working as a key player in a dynamic and international team, ensuring the confidentiality, integrity and availability (CIA) of the company's and, where relevant, its customers' systems and data.
- The Cyber Security Engineer uses technical skills and knowledge of several security technologies to analyse and respond to security threats reported by various security platforms and technologies.
- Responsible for initial triage of incoming security-related incidents. Automate, monitor and analyse logs and alerts from a variety of technologies across multiple platforms in order to identify and mitigate security incidents.
- Experience and knowledge in technologies, methods and platforms:
- SIEM (Azure Sentinel, Splunk, etc.).
- IDS/IPS, Firewalls, Network Access Control.
- Phishing, Social Engineering methods.
- MITRE framework, TTPs, Cyber Kill Chain, security baselines, pen-tests, Red Team vs Blue Team.
- Behavioural analysis, anti-virus and EDR, endpoint protection and other advanced security systems.
- Sandboxing, malware analysis, URL redirections, threat intelligence, threat hunting.
- Servers and workstations running various operating systems (Microsoft Windows, Linux, Unix, macOS, Citrix).
- Other security technologies such as public cloud (Azure, AWS), CASB, SASE, SSE.
- Assess the security impact of security alerts and traffic anomalies to identify malicious activity, and take mitigating actions or escalate to other operations teams or management as appropriate.
- Enable OS hardening across multiple operating systems such as Linux and Windows.
- Analyse email-based threats, including understanding of email communications, platforms, headers and transactions, and identification of malicious tactics, techniques and procedures.
- Apply tactical mitigations based on the results of analysis and the determination of threat validity.
- Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination.
- Document the results of cyber threat analysis effectively and prepare comprehensive handoffs and/or escalations for Incident Response, forensics or other teams.
- Support in writing technical articles and presentations for knowledge sharing within the team, when necessary.
- Coordinate with other departments on exercises, programs, and workshops, as needed.
- Develop and report enterprise-level metrics for cyber security, vulnerabilities and risk, and for remediation or mitigation progress. Understand, demonstrate and educate stakeholders on the real-world impact of threats and vulnerability exploitation in a given environment.
- Assist in designing security strategies and concepts for servers, clients and other ICT systems to support a growing global enterprise network in line with company goals, working to existing standards and developing new ones.
- Participate in security risks, threats and vulnerabilities assessments and audits.
- Analyse internal and external network, server and application activity using various tools.
- Improve security related monitoring and alerts by using automation where applicable.
- Identify and provide mitigation/ improvement steps for any security gaps in network, server and applications.
- Participate in new security solutions evaluation, design and implementation.
- Provide information security requirements advice and counsel to various teams.
- Stay on top of technology advancements in IT, specifically network and system security; be aware of malicious attack vectors, common vulnerabilities and best-practice security defences.
- Implement and maintain documentation, licences, etc. where required.
- Communicating, working with and coordinating actions with third-parties and external consultants and engineers.
Education & Experience:
- Degree in computer science or 3+ years' experience working in IT, with at least 2+ years' experience in a SOC or operational security team.
- Licences/ Certifications: Industry recognised certifications preferred from: CISSP, CISM, CEH, CompTIA Security+, OSCP, CCSP, Microsoft (Cloud, Hybrid, Azure, legacy e.g. MCSE).
Profile:
- Background in security threat analysis and threat hunting with ability to determine risk level of identified threats and necessary urgency in remediation.
- Possess strong technical understanding of common network and system vulnerabilities.
- Understanding of networking principles (OSI model, routing, TCP/IP), Windows and Linux operating systems, and basic administration.
- Knowledge of best practices in common security technologies and methodologies.
- Problem-solving skills and the ability to work under pressure in a fast-paced environment.
- Experience working with cross-business and cross-functional teams in a geographically distributed environment.
Contact for this position: Marta Rachwał
NORMA Polska Sp. z o.o.
Gabrieli Zapolskiej 44
30-126 Krakow, Poland