Responsibilities

• Proactively monitor and analyze the cyber threat landscape to assess risk and applicability to the firm
• Research, model and analyze and prioritize emerging adversarial tactics, techniques, and procedures (TTPs) and their likelihood and impact to the firm
• Consume and evaluate threat intel to understand the evolving threat landscape, adversarial tactics, techniques, and procedures (TTPs), and areas of concern/targeting that could potentially impact our environment
• Identify weaknesses, gaps and improvements within the security controls of the firm and provide support and guidance during mitigation and remediation efforts
• Engage with other functions to provide specialized knowledge and requirements to influence threat mitigation strategies
• Manage and consolidate cyber threat knowledge based on industry-level frameworks and provide curated adversarial cyber intel and threat briefings to stakeholders
• Provide IT security SME knowledge and support during applicable IT security incidents to enable effective mitigation and remediation efforts
• Track and manage metrics around the efficacy of the function

Requirements

• Ideally 3-5 years combined of experience in cyber threat intelligence or threat research-oriented role
• Good understanding of Cybersecurity organization practices, operations risk management processes, principles, cyber defense models, emerging threats, and vulnerabilities
• Knowledge of global threats, threat actors and the tactics, techniques, and procedures (TTPs) used by cyber adversaries, particularly as they relate to the financial sector
• Knowledge of threat modeling frameworks, such as cyber kill chains or the MITRE ATT&CK™ framework and expertise in mapping threat actor TTPs against internal controls
• Strong verbal/written communication skills, with the ability to present reports to both technical and non-technical audiences
• Expertise in data management, data analysis and development of analysis models
• Ability to translate external and internal data collected by the cyber defense functions into relevant risk indicators and metrics to be ingested into adversarial threat modeling and analysis models
• Experience building relevant dashboards summarizing complex threat management data to senior management
• Experience with scripting and programming languages may be beneficial/preferable but not essential
• Certifications such as GSEC, GCTI, GREM, CISSP or OSCP are desirable but not essential

We offer

• Team & working conditions:
  • Friendly team and enjoyable working environment
  • Engineering community of industry’s professionals
  • Flexible schedule and opportunity to work remotely
  • Relocation within our offices
  • Corporate and social events
  • Benefits package (health insurance, multisport, shopping vouchers)
• Stable income:
  • Employment Contract or B2B
  • Regular assessments and salary reviews
  • Participation in the Employee Stock Purchase Plan
  • Referral bonuses
• Career development:
  • Innovative solutions delivery and engineering excellence
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, O’Reilly, Cloud Guru
  • Language classes on English and Polish for foreigners
• Please note that only selected candidates will be contacted