We are a pioneering international technology leader that is writing the future of industrial digitalization. Our IS Service Delivery Center in Kraków was established more than 10 years ago and is now hosted by the newly created Global Business Services center.
This allows us to expand our global activities even more. To strengthen our department team, we are looking for a Security Operations Center (SOC) - Incident Specialist.
The ABB Security Operations Center (SOC) operates continuously (24x7) to monitor ABB’s environment, protect ABB information assets and respond to potential threats.
The SOC Specialist is responsible for real-time monitoring and analysis of incoming security events and indicators, and for responding to and mitigating security events across the enterprise.
At the same time, he or she acts as a Subject Matter Expert in multiple SOC projects, including vendor quality assessment, reporting, data source acquisition, technology POCs, consulting and workshops.
Coordinates response activities in partnership with other teams and vendors
Coordinates and directs efforts among the CSIRT throughout the incident response lifecycle
Serves as the incident specialist for major or high-profile security incidents including validating and escalating incidents, coordinating countermeasures, facilitating information sharing and reporting
Provides strategic guidance on and tracking of tools / visibility / capabilities gaps affecting ABB’s information security posture
Provides timely and relevant updates to appropriate executive stakeholders and decision makers
Conducts after action reporting and provides relevant insights to guide improvements and adjustments to ABB’s information security posture
Takes an active part in the Global SOC program
At least 4 years of business experience in Information Security, at least 1 year in Incident Management
Deep understanding of intrusion detection concepts and information security defense
Experience with various security incidents and remediation (e.g. DDoS, phishing, malware, data breach, unauthorized access)
Demonstrated ability to perform independent analysis of complex problems and distill relevant findings
Ability to perform root cause analysis
Demonstrated knowledge of common adversary tactics, techniques, and procedures
Security Certification (CCNA, CCNA Security, CISSP, GSEC, CEH or similar) will be an additional asset
Fluent English language skills (spoken and written)
Cultural awareness and the ability to work in a complex, multicultural and global team