Logo

Enterprise Threat Management and Security Architecture (ETMSA) Engineer

Crypto.com
As a member of the ETMSA team, you will be integral to responding to and managing cybersecurity threats and incidents. You will apply your skills in cyber defense, digital forensics, and log analysis to address security incidents across infrastructure.

Overview

Department

IT

Job type

Full time

Compensation

Salary not specified

Location

Warsaw, Poland, Eastern Europe

Resume Assistance

See how well your resume matches this job role with our AI-powered score. By uploading your resume, you agree to our Terms of Service

Ready to apply?

You're one step away - it takes less than a minute to upload your resume

Requirements

  • At least 5 years experience in the Cyber Security industry
  • Strong technical and analytical skills
  • Familiar with the cyber security incident response process
  • Familiarity with AI tools and their application in automating security tasks and processes.
  • Hands-on experience on performing incident response activities
  • Have scripting experience like Bash, PowerShell, Python, Go, etc, and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environment
  • Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, EDR, DLP, SIEM, other log management platforms, etc.
  • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
  • Be passionate on exploring new technologies and having creative initiative to boost the team capabilities
  • Holders of security related certifications is a plus (e.g.Azure, AWS, CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
  • Awareness of regulatory and compliance requirements like GDPR, MAS, PSD2 etc is a plus.

    • Responsibilities

  • Report to Director to facilitate all phases in the incident response lifecycle
  • Be involved in various incident prevention projects to improve Security posture
  • Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
  • Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
  • Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
  • Evaluate the incident response readiness of different layers - people, process, technology
  • Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
  • Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
  • Assess the risk, impact and scope of the identified security threats
  • Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs
  • Communicate with the stakeholders and provide guidance, recommendations to contain and eradicate the security incident
  • Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
  • Document and present investigative findings for high profile events and other incidents of interest.
  • Provide lessons learnt meeting to the stakeholders
  • Lead and keep track on the follow-up activities
  • Document the incident in the case management system and provide incident reports
  • Always ready to jump in, in the event of security incidents.
    • Company
    About
    Academy
    Pricing
    Partnerships
    Legal
    Terms
    Privacy
    Cookies
    Contact
    © All rights reserved.