Security Operations Center (SOC) - Incident/Problem Specialist
ABB
Kraków, Małopolskie, Poland
42 days ago

We are an international pioneering technology leader that is writing the future of industrial digitalization. Our IS Service Delivery Center in Kraków was established more than 10 years ago and is now hosted by the newly created Global Business Services center.

This allows us to expand our global activities even more. To strengthen our department team, we are looking for a Security Operations Center (SOC) - Incident Specialist.

ABB’s Security Operations Center (SOC) operates continuously (24x7) to monitor ABB’s environment, protect ABB information assets and respond to potential threats.

The SOC Specialist is responsible for real-time monitoring and analysis of incoming security events and indicators, and for responding to and mitigating security events across the enterprise.

At the same time, he or she acts as a Subject Matter Expert in multiple SOC projects, including vendor quality assessment, reporting, data source acquisition, technology POCs, consulting and workshops.

Tasks:

  • Coordinates response activities in partnership with other teams and vendors
  • Coordinates and directs efforts among the CSIRT throughout the incident response lifecycle
  • Serves as the incident specialist for major or high-profile security incidents including validating and escalating incidents, coordinating countermeasures, facilitating information sharing and reporting
  • Provides strategic guidance on and tracking of tools / visibility / capabilities gaps affecting ABB’s information security posture
  • Provides timely and relevant updates to appropriate executive stakeholders and decision makers
  • Conducts after action reporting and provides relevant insights to guide improvements and adjustments to ABB’s information security posture
  • Takes an active part in the Global SOC program

Requirements:

  • At least 4 years business experience in Information Security, at least 1 year in Incident management
  • Deep understanding of intrusion detection concepts and information security defense
  • Experience with various security incidents and remediation (e.g. DDoS, phishing, malware, data breach, unauthorized access)
  • Demonstrated ability to perform independent analysis of complex problems and distill relevant findings
  • Ability to perform root cause analysis
  • Demonstrated knowledge of common adversary tactics, techniques, and procedures
  • Security Certification (CCNA, CCNA Security, CISSP, GSEC, CEH or similar) will be an additional asset
  • Fluent English language skills (spoken and written)
  • Cultural awareness and the ability to work in a complex, multicultural and global team