Information Security Investigator

Main Responsibilities:

Conduct in-­depth investigations into security breaches using all available tools within Customer environment, Cisco, and online:

• Review device logs, full packet capture, and all forms of telemetry, interpret data
• Conduct online forensic investigations of devices (UNIX, Windows hosts and other platforms)
• Interview personnel to obtain information related to investigation
• Maintain up-­to-­date information in a secure case management system
• Identify, advise and implement incident mitigation actions, using the following tools:

             - null routing, Firewall ACL changes, DNS RPZ

             - Next-­Generation IPS, Web Security and Email Security

             - Endpoint and Network Advanced Malware Protection systems

             - account disabling and application offlining

• Resolve cases escalated from Security Analysts (either as escalated ticket to customer or resolving as false positive.)
• Resolve cases dispatched from Customers, maintain daily dialog with Customer on case until resolved
• Effect resolution by driving coordination across infrastructure, law enforcement, human resources, legal, and lines of business

Vigilantly protect Customer data, ensuring proper handling and protection electronically, physically, and verbally

Ensure assigned shift is covered personally or attended by an alternate Investigator

Share incidents and intelligence via conference presentations, intelligence exchanges, informal mailing lists, and social media

Mentor Analysts in investigative skills and customer communications

Maintain quality assurance for all processes

Conduct threat research to determine how Clients are affected by threats

Technical Skills:

• Detailed understanding of the TCP/IP protocol suite
• System Administrator-­level expertise in multi-­user operating systems including Unix flavors and Microsoft Windows
• Demonstrated expertise in current modern security attacks and threats
• Demonstrated expertise in malware analysis, categorization, and attribution:

          -Sandboxing technologies and products, commercial and open source

          -Malware reverse-­engineering and disassembly skills a plus

• Understanding of security incidents involving alternate OSs including Android and iOS
• Experience in scripting in one or more languages: shell, perl, python, or PHP
• Experience with virtualization technologies including VMWare, OpenStack, or other hypervisors
• General Cisco network security product and technology knowledge:

          -Firewalls, Intrusion Prevention Systems, Web and Email Security

          -R&S infrastructure

          -Network security configuration and troubleshooting

Desired Education and Certifications:

• BA/BS degree with 8-­10 years of IT and/or security experience (Incident Response Team and SOC experience a plus)
• Industry certifications such as CISSP, SANS GCIH would be a plus
• Cisco network certifications, such as CCNA, CCDA, or CCSP a plus
• Experience with Snort or other intrusion detection tools
• Experience with NetFlow telemetry and malware traffic analysis tools
• Experience with full-­packet capture tools
• Experience with anomaly detection tools
• Familiarity with the latest malicious code trends, including experience with exploits, exploit kits and malware

Additional Skills:

• Mentoring experience
• Excellent English, verbal and written
• Strong Teamwork
• Demonstrated Customer Service, communications and troubleshooting skills
• Proven crisis management skills
• Experience with operations processes, such as ITIL, CMM, or Six Sigma

What we Offer?

• Attractive Salary based on B2B or employment contract
• Enthusiastic and positive work atmosphere
• Daily work with the best IT specialist in international enviroment for one of the Best Employers in Poland with people from all around the world
• Private Healthcare(Medicover) and MultiSport Card
• E-learning platform
• Internal trainings, coaching and mentoring
• Possibility of changing position, department, gaining new knowledge and experience
• Healthy, comfortable and challenging environment
• Working in Cisco Office with Two cafeterias, Summer gardens, Outdoor Ping Pong table, Xbox games and board games in creativity rooms, Massage chairs, Table football and more