The employer has closed applications for this offer

Cyber Defence Senior Engineer - Incident Response


  • Lubicz 23a, Grzegórzki, Kraków, Lesser Poland
  • offer expired 4 months ago
  • contract of employment
  • full-time
  • senior specialist (Senior)
  • hybrid work
  • remote recruitment



Technologies we use

  • Active Directory
  • Python
  • PowerShell
About the project

Are you a cyber professional with the drive and expertise to be at the forefront of the cyber fight, tackling GPC’s complex global mission to defend against cyber threats? GPC has exciting and challenging positions in the Cyber Security Incident Response and Threat Analytics space.

Your responsibilities

  • Being the front-line responder by identifying, triaging, and remediating security detections and anomalies

  • Providing incident response support, leading Threat Detection and Response analysts during technical investigations, effectively communicating results, analytical analysis, and mitigations to different operational teams and management

  • Leading projects to ensure they align with and meet the strategic roadmap for Threat Detection and Response

  • Analyzing and interpreting complex and high-volume data from various sources to advance investigations, quantify trends, or support analytical findings

  • Leveraging technology (commercial and open source) to enrich, triage, and characterize internal insights on malware and Indicators of Compromise (IOCs)

  • Understanding email security and response procedures

  • Leading the development of new investigative techniques and automation workflows. Regularly reviewing playbooks for efficiency and proactively improving playbooks where necessary

  • Staying informed about information security trends and technologies in the technology industry and identifying best practices and/or methodologies

  • Mentoring junior analysts on threat detection technologies, alert lifecycle, and investigative best practices

  • Coordinating and leading investigations and response activities with IR analysts

  • Coordinating response activities with infrastructure team(s) involved in recovery activities

  • Coordinating and leading forensics acquisition efforts

  • Ensuring all time spent is appropriately documented in an IR management solution

  • Participating in the creation, and maintenance of Incident Response Standards, Policies, Procedures, Guidelines, and Checklists

  • Improving current processes and procedures

  • Holding Post-Incident reviews to ensure that we continue to improve

  • Collecting all IOCs into a single location to ensure we can re-use these IOCs

  • Creating scripts, tools, and/or methods to enhance current services and processes

  • Additional responsibilities apart from IR

  • Helping Threat Hunting engagements across all clients

  • Helping to develop new automated ways to threat-hunt clients

  • Creating and providing training to Analysts, Engineers, etc. for how to improve current services

  • Threat Research that is pushed out to the team

  • Mentoring Jr. staff

Our requirements

  • A minimum of 5 years of experience in the IT security area (SOC / NOC / Blue Team / Red Team / Purple Team environments)

  • Hands-on experience in one of three areas: endpoint and host analysis, authentication analysis, or network analysis, and the related technologies

  • Understanding of common email phishing and other exploitation techniques. Ability to rate emails as malicious/clean and take necessary steps.

  • Working knowledge of security technologies such as firewalls, anti-malware agents, and security logging/tracing.

  • Experience with an Endpoint Detection and Response platform

  • Familiarity with common end-user attack vectors for credential theft, malware delivery, wire fraud, etc.

  • Understanding of Active Directory permissions.

  • Familiarity with common diagnostic tools like Nmap, Procmon, Bind, or others

  • Experience searching with Splunk and other security tools

  • Understanding of enterprise forensics tools

  • Familiarity with memory analysis

  • Experience in Threat Analysis and Threat identification

  • Direct system remediation

  • Experience with EDR solutions

  • Experience with log collection

  • Experience in running high-stress incident calls

  • Experience in creating plans for malware eradication

  • Strong communication skills


  • Bachelor's degree in a technical field would be a plus

  • Familiarity with scripting in PowerShell and/or Python would be a plus


  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of professional training & courses

  • life insurance

  • coffee / tea

  • meal passes

  • sharing the commuting costs

  • extra leave

  • work in international teams

  • friendly atmosphere

  • copyrights for IT roles

  • hybrid work

Recruitment stages

TECHNICAL TEST (optional - 45-90 min)

Genuine Parts Company, founded in 1928 and based in Atlanta, Georgia, is a leading specialty distributor engaged in the distribution of automotive and industrial replacement parts and value-added services. The Company operates a global portfolio of businesses with more than 10,000 locations across the world, employing 53,000 people.

The GPC Global Technology Center in Krakow, established in 2022 by Genuine Parts Company is an innovative research and development facility supporting GPC’s digital transformation efforts.

The hub is focused on the development of advanced technologies and solutions that support GPC's operations and growth.

The GPC Global Technology Center team works on a wide range of projects assisting in areas such as e-commerce and data platforms, supply chain solutions, selling systems, and cyber security. This is home to a team of highly skilled IT engineers who are dedicated to driving innovation and delivering cutting-edge solutions for GPC.
