The Role
The Analyst (Tier 2) will assess threats, recommend countermeasures, handle investigations, monitor security events, and develop processes aligned with incident response activities.
Summary Generated by Built In
JOB DESCRIPTION
Job Title: Analyst (Tier 2) - Security Operations
Location: Kraków, Poland
Responsibilities and Duties
- Analyst (Tier 2) - Security Operations must be able to do the following:
- Correlate threat data from various sources to establish the threat/impact against the network.
- After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.
- Remediation actions and apply lessons learned to security incident investigation and resolution
- Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure
- Develop processes which analyzes data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases
- Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center
- Create custom tool content to enhance capabilities of security operations teams
- Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure
- Provide support to Security Incident Management aligned with NIST standards
Technical writing experience
- Standard Operating Procedures
- Runbooks/Playbooks
- Incident Response Plans
- Support training develop with both analysts and tabletop exercises
- Assist or lead the effort in Tool configuration and content creation
Qualifications:
- 2-4 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
- Degree in Computer Science, Information Technology, or equivalent work experience
- Experience supporting Cyber Security Operations in a large enterprise environment
- Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution
- Experience with SIEM & Log Management solution
- Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics
- CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications
- At minimum there must be one active security certification
Experience with one or more of the following tools:
- Qradar SIEM/Cortex XSOAR
- SentinelOne
- Proofpoint Email
- Azure Suite
- Zscaler
Working Hours
- 09.00 am to 07.00 pm local time
Why Join Us
- Be part of a global cybersecurity team protecting a dynamic enterprise environment.
- Opportunity to work with modern security technologies and drive tool innovation.
- Collaborative culture with professional development opportunities.
- Hybrid work model with our Kraków office as the primary location.
Top Skills
Azure Suite
Cortex Xsoar
Log Management
Proofpoint Email
Qradar Siem
Sentinelone
SIEM
Zscaler
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Sysco focuses on distribution of food products to restaurants, hotels, and other hospitality businesses.
