Location: Warsaw

Type: Hybrid

• Handling and responding to cybersecurity incidents.
• Conducting investigations and digital forensics.
• Implementing and monitoring DLP measures.
• Identifying and analysing phishing attempts.
• Performing threat hunting and proactive risk identification.
• Producing and analysing cyber threat intelligence.
• Managing vulnerabilities.
• Working closely with European teams and participating in Agile ceremonies (daily, planning, retro).

• Proven experience as an Incident Responder or CTI Analyst.
• Hands-on experience in digital forensics.
• Working knowledge of ServiceNow, EDR tools (e.g., Tanium), AV (e.g., Trellix), SIEM (e.g., Elastic), DLP and other security tools.
• Strong understanding of attacker TTPs.
• Nice to have certifications: GREM, BTL1/BTL2, CRTE, CRTP.

• Strong organisational and analytical skills.
• Ability to work independently and meet deadlines.
• Effective communication and teamwork skills.
• Ability to navigate matrix structures.
• Strong command of English; French is a plus.

• Agile methodology with two-week sprints.
• Full-time position.
• Hybrid work model: approx. 40% office presence (Warsaw).