You will join one of the largest bank in the world. .
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services, responsible for detecting and responding to information and cybersecurity threats to the company’s assets across the globe and is under the management of the Head of Global Cybersecurity Operations.
The Cybersecurity Incident Management and Response Team is charged with efficiently and effectively handling all information and cybersecurity incidents across the Group on a 24×7 basis. This mission is critical to the protection of customers, the brand, shareholder value as well as information and financial assets.
The Incident Management and Response function is further organised into two primary missions:
- Incident Management: The coordination and orchestration of technical response activities across the globe, the timely and effective communication of the aforementioned to Global Business and Function stakeholders, Senior Executive Leadership and regulatory bodies.
- Incident Response: Conducting technical and forensic investigations into matters raised through alerts, intelligence, testing activities and end user reports that lead to a coordinated effort to effectively contain, mitigate and remediate active and potential attacks.
- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
- An understanding of organisational mission, values and goals and consistent application of this knowledge.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- An ability to perform independent analysis of complex problems and distill relevant findings and root causes.
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative and actionable manner.
- Excellent knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
- Good knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
- Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits.
- Good knowledge of common enterprise technology infrastructure, platforms, middleware, databases, applications and tooling, including; Windows, Linux, infrastructure management and networking hardware.
- Good knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques and procedures in order to inform adjustments to the control plane.
- Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google.
Industry Experience and Qualifications
Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
- 5+ years of experience in an incident management role.
- Extensive experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector
- Industry recognised cyber security related certifications including; SANS GSEC, GCIH and/or CISSP
- Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.
- Stable job in professional team,
- Interesting career path in an international organization,
- Consistent scope of responsibilities,
- Private health care, other employees’ benefits.
Note: Prepare your CV in English (PDF), fill in the form, and apply! 🙂
Please include in your CV the following clause necessary for the recruitment process:
“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Incident Manager position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”
Dotcommunity jest zarejestrowana w Rejestrze agencji zatrudnienia (KRAZ) pod numerem 9904.