
  • You have in-depth knowledge of common threats, attack vectors, and TTPs, and you are well-versed in security tools such as SIEM, SOAR, EDR and NDR.
  • You excel at analyzing complex situations and solving problems efficiently. You can also explain technical terms to non-technical staff.
  • You have experience in digital forensics, network forensics, or malware analysis, and you can define and execute complex containment, eradication, and recovery strategies.
  • You understand log formats for common security events and can use them to determine root causes and timelines.
  • You have an understanding of systems administration, middleware, application administration, and network security, including best practices.
  • You can work effectively under pressure, adhere to processes and procedures, and thrive in an international, multicultural organization with English as the primary communication language.
  • You hold a Bachelor’s degree and/or equivalent experience (4-6 years) in cybersecurity or IT. You have a successful track record in key technical roles and possess one or more security professional certifications (e.g., GCIH, GCFA, GREM, CISSP).
  • Willingness to work onsite 50% of the time on a monthly basis, with an initial four-week period fully onsite in our Katowice location to facilitate integration and team collaboration.

Responsibilities

  • As a subject matter expert, lead and manage end-to-end responses to complex, high-priority threats like APTs, malware outbreaks, data leaks, and organized cybercrime.
  • Take charge of escalated threats, defining and implementing containment strategies and driving incidents to resolution.
  • Participate in post-incident analysis and recommend adjustments and changes to improve the organization’s resiliency against modern threats and attacks.
  • Communicate regularly with system owners, tech leaders, business users and managers.
  • Advise on, supervise and refine cybersecurity threat response playbooks for known threats, optimizing playbooks created by less experienced staff to enhance effectiveness.
  • Collaborate with Threat Intelligence Analysts to guide responses based on threat intelligence data, with the Threat Hunting Specialist to investigate suspicious or anomalous activities, and with the Threat Detection Engineer to optimize the detections.
  • Activate and participate in or lead CSIRT (Cyber Crisis Team) activities for high-priority threats, ensuring effective communication with all relevant stakeholders and coordination of technical activities within the Incident Response field.
  • Continuously enhance threat response plans, processes and procedures, while providing supervision and development opportunities for junior team members.

We are Devire, a recruitment company whose goal is to connect great people with great employers.

Whether you are looking for a new permanent job or a project on a B2B basis, you can rely on our support every step of the way.

We work with employers from all over Poland and carry out recruitment in all key technology areas.