Endpoint Threat Analyst - EDR Analyst
Place of work: Bydgoszcz
Who are we looking for?
We’re looking for information security practitioners, threat hunters or experienced SOC Analysts to join the Atos CSIRT (Computer Security Incident Response Team), which is part of the Big Data and Security (BDS) division.
We’re looking for a candidate who is interested in working with EDR (Endpoint Detection and Response) technology and demonstrates a passion for information security.
What will you do?
You will be working with EDR tools (such as CrowdStrike Falcon, Cylance, McAfee Active Response) on real-time monitoring, performing alert triage and cooperating with Incident Responders and Forensics Examiners for Atos and its external worldwide customers.
What is ahead of you?
- Working in SECURITY – the most dynamically developing area of IT.
- Working with the most sought-after technology of recent years – EDR.
- We offer great development opportunities, including financing of world-class trainings and certifications.
- Every day a new fascinating case.
- Developing your career to become an expert in Security Incident Response, Digital Forensics, Malware Analysis, Reverse Engineering, Pen-testing and/or Threat Hunting.
- Fun from discovering new threats and solving IT SEC puzzles.
What team will you work in?
You will be working in a 3rd line team responsible for handling challenging cases, performing incident response, computer forensics, malware analysis and pen testing, and responding to EDR detections. You will be part of a small blue team of experts – incident responders, forensics and malware analysts – and security enthusiasts who work in a creative and friendly atmosphere.
How do we work?
- Full-time contract of employment.
- We work in 5/10 mode (Monday – Friday rotationally covering hours from 8AM to 6PM).
- Additionally, there is a round-robin on-call duty: one week of being available by phone after business hours.
- Work from our office in Bydgoszcz with the option of working from home.
- Flexible workplace environment.
Most common assignment types that we work on include:
- assessment of detections coming from EDR,
- hunting for threats coming from many sources (e.g. Threat Intelligence, own research),
- preparing affected hosts for further investigation,
- collecting evidence necessary for further investigation,
- active response on affected hosts via remote sessions,
- participating in the lifecycle of a security incident.
What do you need to know/have?
This is not a list of requirements but rather a combined checklist of our team’s skills, so if you’re able to cover a couple of these, you’re looking at the right job description:
- IT Security at heart (understanding of security),
- log analysis, SIEM,
- familiarity with endpoint detection and response solutions (e.g. CrowdStrike, Cylance, CarbonBlack),
- good knowledge of Windows and/or Linux/Unix,
- good understanding of networking and common protocols,
- understanding of scripting languages (PowerShell, Bash, Python),
- very good communication skills,
- fluent English (OK, this one is a requirement - at least B2 level).
What certificates can help you to stand out?
- C)IHE, C)PEH,
- GCIH or other GIAC certificates,
- CEH, ECSA,
- CompTIA Security+.
Steps of recruitment process:
- CV review,
- Technical call,
- F2F meeting including a language check part.
- Private life and travel insurance
- Private medical care incl. dental care
- Training and development programs
- Learning foreign languages
- Worldwide career opportunities
- Leader in digital services with 120,000 employees in 73 countries
- Provider of IT infrastructure management services, systems integration, outsourcing and IT consulting
- Official global IT partner of the Olympic and Paralympic Games
- Almost 5,000 people employed in 8 cities: Bydgoszcz, Warszawa, Wroclaw, Opole, Krakow, Gdansk, Rzeszow, Lodz