Security Analyst – Security Operations

Sylvamo GBSC

  • Lubicz 23, Grzegórzki, Kraków
    Kraków, Lesser Poland
  • offer expired 2 months ago
  • contract of employment
  • full-time
  • specialist (Mid / Regular)
  • hybrid work
  • remote recruitment

Sylvamo GBSC

Lubicz 23



Technologies we use


  • SOC


  • CISM

Your responsibilities

  • Lead detailed investigations and analysis of security-related findings, including those escalated from the SOC (Security Operations Center)

  • Act as incident commander and drive security incidents to closure, coordinating task forces made up of various teams across the organization to ensure comprehensive mitigation

  • Support forensics analysis and e-Discovery requests for legal and associated investigations

  • Communicate and document incident response activities in an authoritative and actionable manner

  • Perform root cause analysis, lessons learned activities, and create action plans that will prevent or mitigate against future incidents

  • Develop and maintain playbooks and monitoring use cases

  • Participate in on-call rotation

  • Support complex computer network exploitation and defense techniques

  • Provide technical support for continuous monitoring, computer exploitation, and reconnaissance

  • Research and maintain proficiency in open and closed source computer exploitation TTP's

  • Provide external threat monitoring, detection, event analysis

  • Provide analysis of inbound and outbound internet traffic, suspicious e-mail messages, and cloud security logs

  • Lead the review of security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets

  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies

  • Provide expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving road blocks

  • Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset metadata review as well as collaboration with threat intelligence and technology management

  • Create reports and dashboard to support cyber security metrics

  • Manage, maintain and support Sylvamo’s Vulnerability Management technologies and services (end-to-end)

Our requirements

  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training

  • 7+ years of overall IT work experience

  • 4+ years in an Information Security Role

  • Proven leadership skills with the ability to manage conflict, deal with ambiguity, negotiate and make timely decisions

  • An advanced understanding and practical application experience in threat detection and response as well as Vulnerability Management and security related technologies and services is a must

  • Understanding of a variety of technical concepts such as: Networking, systems administration, application development, cloud computing and information security best practices

  • Experience with data analytics with the ability to provide qualitative analysis and recommendations

  • Ability to assess and communicate risk within a business context

  • Strong attention to detail, data accuracy, and data analysis

  • Self-motivation and ability to operate with a high sense of urgency and a high level of integrity

  • Ability to comfortably interface with other internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations

  • Security Certification preferred: CISSP, CISM, GIAC or CISA or similar

  • The IR & Vulnerability Management Specialist preferably has knowledge of or limited experience with the following tools: SIEM, Email/Phishing, Major Cloud Providers (Azure preferred). AV/EDR, Networking Equipment, Endpoint Logging (Windows, Linux), Vulnerability Management, Encase, Cellebrite or other mobile forensics software


  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • remote work opportunities

  • integration events

  • corporate sports team

  • corporate library

  • coffee / tea

  • leisure zone

  • pre-paid cards

  • shopping coupons

  • sharing the costs of tickets to the movies, theater

  • holiday funds

  • christmas gifts

  • sharing the costs of a streaming platform subscription

  • employee referral program

  • charity initiatives

  • family picnics

Why is this job for You

Cyber Security Analyst position is part of the Global Information Security organization. The Incident Response & Vulnerability Management Specialist will be responsible for monitoring enterprise networks and systems, detecting events, and reporting on threats that are directed against those systems. The Incident Response & Vulnerability Management Specialist will collaborate with global teams to assist with efficient triage and remediation of events in the incident queue. Additionally, the specialist will work with investigative groups such as Legal, Internal Audit, and others to provide guidance and support for investigation, forensics, and e-Discovery requests.

The Cyber Security Analyst will provide Sylvamo with a fully comprehensive array of analytical activities in support of external threat monitoring, detection, event analysis, and incident reporting efforts to include, analysis of inbound and outbound internet traffic, suspicious e-mail messages, and cloud security logs.

Sylvamo GBSC

At Sylvamo, we’re a team on a mission. When you work for us, you’ll be helping to sustain and renew ecosystems, while delivering on the promise of paper to educate, communicate and entertain the world. We are the world’s paper company. Our purpose is to produce the paper the world relies on in the most responsible and sustainable ways. Come grow with us.

Scroll to the company’s profile