Senior Cyber Security Analyst

This is a fully remote position, open to applicants in Poland.

📋 Description

• Observe, detect, and evaluate events from various sources to identify threats and respond promptly to incidents.

• Work in partnership with globally dispersed teams to achieve objectives.

• Aid in gathering metrics to assess the effectiveness of Security Operations functions.

• Review the efficacy of security protocols to ensure systems adhere to Security compliance standards.

• Support the implementation of security policies and operational procedures.

• Refine processes and subsequently update standard operating procedures for the team.

• Engage in different phases of incident investigations and threat hunting activities.

• Collaborate closely with internal teams such as Product, Customer Success, and others.

⛳️ Requirements

• Familiarity with web and API security, coding standards, WAFs, advanced persistent threat actors, botnets (both off-the-shelf and custom), and attack mitigation techniques.

• Proficiency in SQL is essential.

• Understanding of managing, securing, and preparing production web environments using tools like Kubernetes.

• Knowledgeable in Threat Hunting - Web/API, web hacking, web data analysis, or hands-on experience with WAF.

• Comprehensive understanding of web technology and the field of web application security.

• Strong grasp of the cybersecurity threat landscape and the mindset of attackers.

• Experience in scripting and programming languages such as JavaScript and Python.

• Keen interest in staying updated with industry trends and market needs to suggest product improvements and new intelligence sources.

• Proven enthusiasm for working with data and metrics as they relate to security.

• An excellent collaborator and communicator who remains inquisitive and enjoys innovation. The security landscape is ever-evolving.

• Nice to Have:

• Knowledge of open-source analytics and visualization tools like Grafana and Redash.

• Experience in red-teaming, specifically in developing botnets and white-hat hacking.

• Practical knowledge of web security modules and secure configuration practices.

• Hands-on experience and expertise in API test automation and standardization.

• Solid understanding of computer and network security concepts.

• Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production processes.

• Mentor development teams, review pull requests, and guide the evolution of the development pipeline.

• Familiarity with modern application packaging, deployment, containerization, bug tracking tools, and other supporting technologies (e.g., Jenkins, Docker, Kubernetes).

• Knowledge of ISMS (ISO/IEC 27001), SOC2, NIST Cybersecurity Framework, CIS Controls, and Open Web Application Security Project.

🏝️ Benefits

• Comprehensive health and wellness programs.

• Opportunities for professional development and career growth.

• Flexible working hours and remote work options.

• Collaborative and innovative work environment.