sharing the costs of sports activities
The employer has stopped accepting applications for this offer
Cyber Defence Senior Engineer - Incident Response
GPC GLOBAL TECHNOLOGY CENTER
- Lubicz 23a, Grzegórzki, Kraków, Lesser Poland
- offer expired 4 months ago
- contract of employment
- full-time
- senior specialist (Senior)
- hybrid work
- remote recruitment
Technologies we use
Expected
Active Directory
Optional
Python
PowerShell
About the project
Are you a cyber professional with the drive and expertise to be at the forefront of the cyber fight; tackling GPC’s complex global mission to defend against cyber threats? GPC has exciting and challenging positions in Cyber Security Incident Response and Threat Analytics space.
Your responsibilities
Being the front-line responder by identifying, triaging, and remediating security detections and anomalies
Providing incident response support, leading Threat Detection and Response analysts during technical investigations, and effectively communicating results, analytical findings, and mitigations to different operational teams and management
Leading projects to ensure they align with and meet the strategic roadmap for Threat Detection and Response
Analyzing and interpreting complex and high-volume data from various sources to advance investigations, quantify trends, or support analytical findings
Leveraging technology (commercial and open source) to enrich, triage, and characterize internal insights on malware and Indicators of Compromise (IOCs)
Understanding email security and response procedures
Leading the development of new investigative techniques and automation workflows. Regularly reviewing playbooks for efficiency and proactively improving playbooks where necessary
Staying informed about information security trends and technologies in the technology industry and identifying best practices and/or methodologies
Mentoring junior analysts on threat detection technologies, alert lifecycle, and investigative best practices
Coordinating and leading investigations and response activities with IR analysts
Coordinating response activities with infrastructure team(s) involved in recovery activities
Coordinating and leading forensics acquisition efforts
Ensuring all time spent is appropriately documented in an IR management solution
Participating in the creation, and maintenance of Incident Response Standards, Policies, Procedures, Guidelines, and Checklists
Improving current processes and procedures
Holding Post-Incident reviews to ensure that we continue to improve
Collecting all IOCs into a single location to ensure we can re-use these IOCs
Creating scripts, tools, and/or methods to enhance current services and processes
Additional responsibilities apart from IR
Helping Threat Hunting engagements across all clients
Helping to develop new automated ways to threat-hunt clients
Creating and providing training to Analysts, Engineers, etc. for how to improve current services
Threat Research that is pushed out to the team
Mentoring junior staff
Our requirements
A Minimum of 5 years of experience in the IT security area (SOC / NOC / Blue Team / Red Team / Purple Team environments)
Hands-on experience in one of 3 areas: Endpoint and host analysis, Authentication or Network analysis, and related technologies
Understanding of common email phishing and other exploitation techniques. Ability to rate emails as malicious/clean and take necessary steps.
Working knowledge of security technologies such as firewalls, anti-malware agents, and security logging/tracing.
Experience with an Endpoint Detection and Response platform
Familiarity with common end-user attack vectors for credential theft, malware delivery, wire fraud, etc.
Understanding of Active Directory permissions.
Familiarity with common diagnostic tools like Nmap, Procmon, Bind, or others
Experience searching with Splunk and other security tools
Understanding Enterprise forensics tools
Familiarity with Memory analysis
Experience in Threat Analysis and Threat identification
Direct system remediation
Experience with EDR solutions
Experience with log collection
Experience in running high-stress incident calls
Experience in creating plans for malware eradication
Strong communication skills
Optional
Bachelor's degree in a technical field would be a plus
Familiarity with scripting in PowerShell and/or Python would be a plus
Benefits
private medical care
sharing the costs of professional training & courses
life insurance
coffee / tea
meal passes
sharing the commuting costs
extra leave
work in international teams
friendly atmosphere
copyrights for IT roles
hybrid work
INITIAL INTERVIEW (30 min)
TECHNICAL TEST (optional - 45-90 min)
TECHNICAL INTERVIEW (60-90 min)
FINAL INTERVIEW (60-90 min)
FEEDBACK / OFFER
GPC GLOBAL TECHNOLOGY CENTER
Genuine Parts Company, founded in 1928 and based in Atlanta, Georgia, is a leading specialty distributor engaged in the distribution of automotive and industrial replacement parts and value-added services. The Company operates a global portfolio of businesses with more than 10,000 locations across the world, employing 53,000 people.
The GPC Global Technology Center in Krakow, established in 2022 by Genuine Parts Company, is an innovative research and development facility supporting GPC's digital transformation efforts.
The hub is focused on the development of advanced technologies and solutions that support GPC's operations and growth.
The GPC Global Technology Center team works on a wide range of projects assisting in areas such as e-commerce and data platforms, supply chain solutions, selling systems, and cyber security. This is home to a team of highly skilled IT engineers who are dedicated to driving innovation and delivering cutting-edge solutions for GPC.