Lead Analyst
Location: Cracow
Contract Type: employment contract directly with the client
Salary: 20 000 PLN gross - 25 000 PLN gross
Work Model: hybrid work (50% in the office, 50% home office)
ABOUT THE PROJECT:
We have a unique opportunity for you to join our Cybersecurity Monitoring and Threat Detection Team, responsible for monitoring the global technology and information estate 24/7. Our mission is to detect and respond to cyber threats, working closely with the Incident Management and Response Team to contain and remediate potential incursions. The team also continuously improves detection capabilities through advanced threat analysis. This mission is critical for the protection of customers, brand, shareholder value, and financial assets. Lead Analysts play a key role in analysing and responding to cyber security events, using the latest threat detection technologies.
YOUR RESPONSIBILITIES:
• Act as a senior member of the Monitoring and Threat Detection team, handling triage of threat detection events from the global technology estate.
• Collaborate with colleagues across Threat Detection and Incident Management for rapid escalation of threat events.
• Provide support during Incident Response, offering expertise to ensure thorough investigations.
• Participate in “Purple Team” and Threat Simulation activities to validate detection capabilities.
• Work with Threat Hunters on hypothesis-driven threat hunting and advanced data analysis.
• Apply structured analytical techniques to ensure consistent threat triage.
• Contribute to Post-Incident reviews, continually improving detection strategies.
• Ensure quality assurance and oversight of investigation tickets, capturing improvement ideas.
• Support the Crew Lead during shift handovers for effective 24/7 operations.
• Provide expert-level advice, driving the evolution of hunting, monitoring, detection, and response processes.
• Mentor and inspire cybersecurity colleagues in areas of expertise.
• Review technical threat intelligence reports and analyze Indicators of Attack to improve defense mechanisms.
• Develop new SIEM detection use cases, taking ownership from testing to documentation and training.
• Identify automation opportunities to enhance operational efficiency and reduce manual tasks.
SKILLS & EXPERIENCE WE REQUIRE:
• Strong investigative skills with an insatiable curiosity and a drive to win.
• Creative and instinctive, with an ability to think like an adversary.
• Excellent problem-solving and decision-making abilities.
• Understanding of business needs and a commitment to high-quality service.
• Familiarity with organisational values and goals, consistently applying this knowledge.
• Self-motivated with a high sense of urgency and integrity.
• Experience in refining operational procedures, workflows, and processes for consistent execution.
• Knowledge of cyber security principles, industry frameworks, and standards such as MITRE ATT&CK, OWASP, ISO2700x, PCI DSS, and NIST.
• Strong communication skills with the ability to produce clear, concise reports for various stakeholders.
• Fluent in English, both written and spoken.
• Expertise in analyzing threat event data, malicious activity, and attacker tactics.
• Expert knowledge of SIEM platforms and Enterprise Detection and Response (EDR) tools.
• Proficiency in common cybersecurity technologies such as IDS/IPS, advanced anti-malware tools, firewalls, proxies, and more.
• Strong knowledge of operating systems (Windows, Linux, OSX) and network protocols (TCP, UDP, DNS, etc.).
• Experience with incident response tools, techniques, and processes.
• Familiarity with scripting, programming, and developing bespoke solutions for cybersecurity challenges.
• Experience with cloud computing platforms such as AWS, Azure, and Google.
• Basic knowledge of forensic investigation tools like EnCase, FTK, and Kali Linux.
WHAT WE OFFER:
• Competitive salary
• Annual performance-based bonus
• Additional recognition bonuses
• Multisport card
• Private medical care
• Life insurance
• Home office set-up reimbursement (up to 800 PLN)
• Corporate events and CSR initiatives
• Nursery and kindergarten discounts
• Language classes
• Financial support for training and education
• Social fund
• Flexible working options
Sprawdź podobne oferty pracy