You will join one of the largest banking institutions in the world.
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defense” services responsible for detecting and responding to information and cybersecurity threats to the company assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities.
The Cybersecurity Monitoring and Threat Detection Team are charged with efficiently and effectively monitoring the company’s global technology and information estate 24×7. The team’s mission is to detect the presence of any adversary within the estate, quickly analyze the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the incursion. In addition, the team is responsible for constantly improving its detection capability through attack analysis and ensuring that the appropriate security event information is being fed into the team and that the alerting rules are tuned for maximum effectiveness.
- Monitoring the company’s entire global technology and information estate for new attacks and log them to appropriate systems
- Triaging potentially malicious events to determine severity and criticality of the event
- Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs
- Supporting cyber security incidents through to eradication and feedback lessons learned, in to improved cyber resilience
- Analyzing network traffic using a variety of analysis tools
- Security Information and Event Management (SIEM) tools.
- IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS
- Network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc.
- Network monitoring devices such as firewalls, IDS/IPS, web proxies, email filters, etc.
- Operating systems and platforms to include Windows, Linux, UNIX
- Good investigative skills and insatiable curiosity
- Instinctive and creative, with an ability to think like the enemy
- Strong problem-solving and trouble-shooting skills
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Ability to learn quickly through hands on experience
- Excellent knowledge and demonstrated experience of common log management suites
- Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems
- Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including: OWASP, ISO2700x series, EU data security and privacy acts, CIS and NIST standards
- Experience in similar cyber security analyst role
- Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same
- Ability to speak, read and write in English
- Functional knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google
- Industry recognised cyber security related certifications including; CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP
- Excellent and positive work environment.
- A stable role with a consistent set of responsibilities.
- Career development prospects within the multi-national leading financial organization.
- Private health care and employees’ benefits.
- sharing the costs of sports activities, sharing the costs of foreign language classes, sharing the costs of professional training & courses, life insurance, retirement pension plan.
Note: Prepare your CV in English (PDF), fill in the form, and apply!
Please include in your CV the following clause necessary for the recruitment process:
“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Cybersecurity Analyst position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”