Cybersecurity IR Analyst

Technologies we use

About the project

Your responsibilities

• Perform host/network based forensic investigations to collect and preserve evidence related to incidents
• Managing incoming queues of detection alerts, threat reports and security incidents
• Interact with our Managed Security Service Provider (MSSP) to investigate and resolve issues
• Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)
• Managing investigations including escalation, organizing unstructured work and engaging resource teams across the company
• Managing urgency and visibility to ensure timely response by all involved parties
• Owning an incident for it’s full lifecycle, including after action reviews and follow up actions
• Communication and coordination with other cyber security professionals, internal teams, and law enforcement agencies as needed to address incidents and threats.
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response
• Create and maintain documentation including incident response plans, standard operating procedures, and knowledge base articles
• Rotating on-call coverage

Our requirements

• Strong problem solving abilities that help to drive forward incidents to completion and help keep Nielsen secure
• Your effective communication skills helps in collaborating with key stakeholders, and for translating technical jargon into understandable terms
• It is important that you stay current on new attack vectors, technologies, tools, and best practices as they change over time
• You have an open mind and a keen eye for details to detect anomalies and potential security issues others may overlook
• A true passion for cybersecurity and a commitment to safeguarding an organization from threats
• Experience with Cybersecurity Incident Response, Digital Forensics, Timeline Analysis or related
• Experience or knowledge of current information security solutions and technologies, including cloud, network and host based products
• Effective and efficient investigative skills across multiple technologies
• Excellent verbal and written communication skills including a focus on providing continuous, proactive communications to management, peers, and stakeholders while working on incidents
• Ability and willingness to continually learn and hone cybersecurity skills
• Cybersecurity certifications preferred (e.g. CISSP, Sec+, SANS/GIAC)
• Familiarity with Python and Powershell a plus
• Experience automating tasks via scripting or other tools (Tines,or similar SOAR) a plus
• Technologies you may work with include
• Security Incident and Event Management (Devo, Splunk, or similar)
• Network Intrusion Detection Systems (OSSEC, Juniper, Palo Alto, or similar)
• Endpoint detection and response (CrowdStrike, Defender, or similar)
• Enterprise level E-Mail security (Google, O365, or similar)
• Digital Forensics and Incident Response tools (Cado, EnCase, FTK, or similar)
• Most operating systems (Windows, Linux, MacOS)
• Public cloud/PaaS (e.g. AWS, GCP, Azure)
• Virtualization and Containers (VMware, Docker, Kubernetes, or similar)

What we offer

• Well-located office at Burakowska 14 - next to Arkadia Westfield Centre (newly designed office, bicycle parking facilities, 7th floor terrace with view over Warsaw)
• Remote working if preferred
• Additional days off for well-being: Mental Health Day, Birthday day plus December day if all annual leave has been used up
• Nielsen Impact Days - up to 3 days a year for voluntary work on chosen initiative
• Private health care and discounted gym (Multisport), well-being programmes
• Development opportunities: access to courses and webinars