Fireblocks Incident Response Expert 
Poland, Masovian Voivodeship, Warsaw 
223072129

29.08.2024
What you’ll do

As a SecOps Analyst, you’ll be responsible for securing and protecting our infrastructure, including managing and administering various security-related technologies, platforms, and tools. You'll also provide security expertise and guidance to the team on security-related matters. You will be responsible for identifying and handling breach attempts, and for containing and eradicating threats in accordance with Fireblocks' security incident response procedures. This is a fast-paced environment where you’ll have the opportunity to manage multiple projects at once.

Responsibilities
  • Investigate alerts, triage them, and come up with proper action items and remediation plans.
  • Perform host-based analysis and artifact analysis in support of security investigations and incident response.
  • Coordinate investigation, containment, and other response activities with business stakeholders and groups.
  • Develop incident analysis and findings reports.
  • Work with security solution owners to assess existing security solutions' ability to detect and mitigate an attacker's TTPs.
  • Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the company network.
Minimum Requirements
  • 2+ years experience working in a Cyber Security Operations Center/Incident Response (in-house or outsourced) creating, escalating, and managing security incidents and creating incident reports.
    • Managing low to high-risk cybersecurity events, alerts, and incidents, event monitoring and analysis, and responding to and escalating IT/DevSecOps security events and threats and vulnerabilities.
    • Collaborating with stakeholders to drive incident response and remediation.
    • Development of common playbooks for most frequent or critical incident types.
  • 2+ years of working with security tools such as SIEM, Analytics & Intelligence, Intrusion Detection, Email Forensics, Data Loss Protection, and Identity & Access Management.
  • Solid understanding of system and security controls on at least two OSs (Windows, Linux/Unix, and macOS (advantage)).
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, GCP).
  • Ability to communicate effectively in English, both verbally and in writing - Must
  • Problem solver, an in-depth thinker with a growth mindset.
  • Excellent communication skills and ability to work collaboratively with other teams.
Preferred Qualifications
  • Bachelor's degree in Computer Science, Information Technology, or related field / Relevant certifications such as CompTIA Security+, CISM, CEH, or equivalent are a plus.
  • Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure).