Cybersecurity Incident Response Officer
Location: Warsaw, Poland (hybrid working model – 50/50)
Experience: Minimum 3 years of experience in cybersecurity
Language: English required
About the Team
The Cybersecurity & IT Risks team is responsible for ensuring the security of information systems, managing cyber risks, supporting security initiatives, and responding to cybersecurity incidents.
The team works within an international environment, collaborating with cybersecurity professionals across multiple locations. Its mission is to strengthen security capabilities, improve incident response processes, and support the organization in protecting its digital assets.
Key areas of responsibility include:
- Providing guidance on IT security standards and supporting their implementation
- Identifying and assessing cybersecurity risks, threats, and potential impacts
- Raising cybersecurity awareness across the organization
- Supporting projects with security recommendations and risk assessments
- Managing cybersecurity incidents through a dedicated Computer Security Incident Response Team (CSIRT)
Role Overview
We are looking for a skilled Cybersecurity Incident Response Officer to join the CSIRT team and support cybersecurity incident management activities.
The role focuses on investigating security events, responding to incidents, identifying threats, and improving the organization’s security posture.
Responsibilities
The role may include involvement in the following activities:
- Cybersecurity incident handling and response
- Security investigations, including digital forensics activities
- Data leak prevention and analysis
- Phishing detection and investigation
- Threat hunting activities
- Cyber Threat Intelligence (CTI) analysis and reporting
- Vulnerability management
Required Skills & Expertise
Technical Skills
- Cybersecurity knowledge and practical experience
- Incident response experience
- Digital forensics knowledge
- Risk monitoring and security assessment
- Understanding of attacker tactics, techniques, and procedures (TTPs)
Tools & Technologies
Experience with some of the following tools is an advantage:
- EDR solutions (e.g. Tanium)
- Antivirus solutions (e.g. Trellix)
- SIEM platforms (e.g. Elastic)
- Threat intelligence and investigation tools
- Malware analysis tools (e.g. Ghidra)
- Data Loss Prevention solutions
- ServiceNow or similar ticketing/workflow platforms
Professional Skills
- Strong analytical thinking and problem-solving abilities
- Ability to work effectively in a team environment
- Adaptability and willingness to learn
- Good communication and interpersonal skills
- Ability to work independently and deliver results within deadlines
- Ability to operate effectively in an international and matrix organization
Education & Qualifications
- Preferably a Master’s degree in Information Security or a related field
- Fluent English skills (written and spoken)
- Proven experience as an Incident Handler, SOC Analyst, or Cyber Threat Intelligence Analyst
- Experience in digital forensics is highly valued
- Strong interest in cybersecurity research and security development
Additional advantages:
- Knowledge of French
- Cybersecurity certifications such as:
- GREM
- GCFA
- Blue Team Level 1 (BTL1)
- Blue Team Level 2 (BTL2)
- Certified Red Team Expert (CRTE)
- Certified Red Team Professional (CRTP)
Position Details
Position: Cybersecurity Incident Response Officer
Location: Warsaw, Poland
Work model: Hybrid (50/50)