Cyber Security Analyst

Warsaw, Mazowieckie, Poland

Company: Intertek
Size: 10001+ employees
Job specification: Intertek is a leading Total Quality Assurance provider to industries worldwide. Our network of more than 1,000 laboratories and offices and over 46,000 people in more than 100 countries delivers innovative and bespoke Assurance, Testing, Inspection and Certification solutions for our customers' operations and supply chains.

Intertek are looking for a computing enthusiast to join our global Cyber Security team. This is an interesting and varied role and a great opportunity to provide operational support for the Cyber Security technologies and processes. You would be responsible for the endpoint and network security solutions and will be the primary point of contact for the incident response activities surrounding endpoint and network security in the region.

If you have a good knowledge of Windows, Linux, incident response frameworks, threat intelligence and security event analysis, then this is a fantastic opportunity. We operate in a distributed SOC environment, following the 9-5 shift model / 5 days per week, so your private time will not be impacted. The 5 days per week can be adjusted to the applicant's preference but must include Saturdays and Sundays.

Available benefits:

Access to best-in-class security training platform
Eligibility for security certification on a regular basis
Medical cover package
Multisport

Job Purpose:

Take primary part in the incident response activities within the region
Perform security event analysis as part of the daily responsibilities
Support the network and endpoint security solutions during the EMEA shift
Become an SME and manage a security technology and incident response process
Help structure the threat intelligence and analysis model.

Areas of responsibility:

Primary stakeholder for the field IT and regional data centre teams
Secondary stakeholder for network engineering and IT architecture teams

Tasks

Support the best-in-class security technologies
Effective security event analysis and pattern identification.
Continuous, active monitoring of global systems
Identify possible malware risks and help resolve any current system infections
Vulnerability management framework knowledge
Providing support for process improvement
Develop content for cyber defence tools.
Document and escalate incidents (including the event history, status and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Use cyber defence tools for continual monitoring and analysis of system activity to identify malicious activity.
Recommend computing environment vulnerability corrections.
Isolate and remove malware.
Assess adequate access controls based on principles of least privilege and need-to-know.
Monitor external data sources (e.g., cyber defence vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defence threat condition and determine which security issues may have an impact on the enterprise.
Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
Work with stakeholders to resolve computer security incidents and vulnerability compliance.
Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
Coordinate and provide expert technical support to enterprise-wide cyber defence technicians to resolve cyber defence incidents.
Coordinate incident response functions.
Provide technical summary of findings in accordance with established reporting procedures.
Perform timeline analysis.
Capture and analyse network traffic associated with malicious activities using network monitoring tools.

Knowledge

Experience with endpoint and network security solutions
Good knowledge of IT security controls
Bachelor's degree required; Master's degree desired.
Experience: 2-5 years
One of the industry certifications CCNA or CompTIA Security+, or an industry-recognised incident response certification, is an advantage
Knowledge in security event analysis
Experience with Windows
Experience with Linux
Scripting skills
Familiarity with common and advanced vulnerabilities, exploits and attacks in Windows/Linux operating systems and web-based applications
Familiarity with threat protection solutions – AV/EDR
Familiarity with SIEM systems
Familiarity with malware analysis and digital forensics is an advantage
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of cyber threats and vulnerabilities.
Knowledge of authentication, authorization, and access control methods.
Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of incident response and handling methodologies.
Knowledge of network traffic analysis methods.
Knowledge of policy-based and risk adaptive access controls.
Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN).
Knowledge of system administration, network, and operating system hardening techniques.
Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
Knowledge of how to use network analysis tools to identify vulnerabilities.
Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Knowledge of cybersecurity and privacy principles.
Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
Knowledge of security implications of software configurations.
Knowledge of malware analysis tools

Skills

Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Skill in using incident handling methodologies.
Skill in using protocol analysers.
Skill in recognising and categorising types of vulnerabilities and associated attacks.
Skill in performing packet-level analysis.
Skill in recognising vulnerabilities in security systems (e.g., vulnerability and compliance scanning).
Skill in conducting trend analysis.
Skill in utilising feedback to improve processes, products, and services.

Abilities

Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).

Job context:

Environment: Local, regional and global remit.

Framework: Cyber security architecture and risk management frameworks

Support hours: 40 hours (9-17) / 5 days per week. The 5 days include Saturdays and Sundays to accommodate the weekend shift.

Key relationships:

Cyber Security Manager: direct management line, weekly progress tracking sessions

Project Managers: Regular meetings, determined by the project leadership team.

Technical staff: Regular informal discussions.

Seniority Level

Entry level

Industry
Information Technology & Services; Computer & Network Security; Computer Networking
Employment Type

Full-time

Job Functions
Information Technology