CrawlJobs Logo

Csirt Security Engineer

Poland, Warsaw 200.00 - 210.00 PLN / Hour · Job Posted April 05, 2026
Apply Position
Job Link Share

Job Description

In this role, you will be responsible for ensuring the proper implementation of security and continuity policies, influencing business decisions, and strengthening the overall security posture in an agile environment.

Job Responsibility

  • Ensure the deployment and enforcement of security and business continuity policies within the assigned tribe
  • Act as a security advisor, influencing business and technical decisions in alignment with security objectives
  • Ensure applications are properly onboarded into security tools (e.g., SAST, AVS, Pentests, SCA, ANON)
  • Promote security by design and security by default principles in software development and architecture
  • Support teams in troubleshooting and resolving security issues
  • lead cross-functional vulnerability remediation initiatives
  • Participate in Agile ceremonies (Sprint Planning, Backlog Reviews) with a strong focus on security requirements
  • Provide regular reporting on application security posture and vulnerabilities to IT Risk & Cyber Security stakeholders
  • Collaborate with central IT Risk & Cyber Security teams and other Tribe Security Officers to share best practices
  • Coordinate and follow up on business continuity tests and exercises
  • Support IT risk identification, assessment, and definition of mitigation measures
  • Monitor and track remediation plans and ensure timely execution
  • Report and escalate IT risks based on severity levels
  • Prepare and collect evidence for internal controls and audit processes

Requirements

  • Proven experience in cybersecurity, IT risk, or a similar security-related role
  • Strong understanding of security governance, risk management, and compliance principles
  • Experience working in Agile environments and collaborating with cross-functional teams
  • Knowledge of application security practices and tools (e.g., SAST, SCA, penetration testing)
  • Ability to assess risks, define mitigation strategies, and track remediation activities
  • Strong analytical and problem-solving skills
  • Excellent communication and stakeholder management skills
  • Ability to influence both technical and business decisions
  • Experience in preparing documentation for audits and internal controls
  • Proactive mindset with a strong sense of ownership

What we offer

  • Private medical care with dental care (covering 70% of costs). Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Csirt Security Engineer

8 matching positions

New

Staff Security Engineer, CSIRT

As a Staff Security Engineer within our CSIRT Team, you will be accountable for ...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
deliveryhero.com Logo
Delivery Hero
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of broad cybersecurity experience with a deep understanding of core security fundamentals, coupled with 5+ years of dedicated experience in a SOC or CSIRT environment
  • Proven track record acting as a Security Incident Commander
  • Mastery of the full incident lifecycle and hands-on playbook creation for complex, high-availability hybrid-cloud environments, distributed microservices, and platforms processing vast amounts of PII and payment data
  • Operational expertise with SIEM, EDR, Cloud Security platforms, SOAR, and WAF/DDoS protection solutions
  • Advanced proficiency in writing production-quality code (e.g., Python, Go, Rust) to build scalable in-house solutions
  • Hands-on experience securing and responding to incidents across public cloud platforms (AWS, GCP) and cloud-native technologies like Kubernetes, Docker, and Infrastructure-as-Code (e.g., Terraform)
  • Familiarity with Git/GitHub usage, CI/CD systems, and modern SecOps workflows
  • An exceptional communicator with the ability to influence cross-functional stakeholders
Job Responsibility
Job Responsibility
  • Incident Commander: Serve as the single accountable leader during active responses for high-severity incidents, directing investigative focus from detection through recovery while maintaining a calm and decisive demeanor under pressure
  • Post-Incident Reviews & Remediation: Lead blameless post-incident reviews to ensure continuous improvement, durable engineering solutions, and systemic resilience
  • Stakeholder Communication: Serve as the primary interface to stakeholders during critical security incidents, translating complex technical realities into clear risk, impact, and decision frameworks
  • Engineering-Led Response & Automation: Design and develop in-house solutions, automated workflows, and scalable systems to eliminate repetitive processes, reduce triage time, and continuously improve the overall quality and efficiency of our security incident response operations
  • Mentorship & Leadership: Act as a hands-on technical leader and role model, actively mentoring teams and individuals within your domain
  • Metrics & Strategic Visibility: Have a Data-Driven Strategic mindset to define, track, and improve core operational metrics (MTTD, MTTR) to identify systemic gaps and propose strategic, long-term security investments
  • Organizational Readiness & Tabletop Exercises: Proactively design and facilitate complex, realistic tabletop simulations and purple team engagements
  • On-Call: Participate in a predictable on-call rotation as an Incident Responder
What we offer
What we offer
  • Hybrid working model
  • 27 days holiday
  • 1.000 € Educational Budget
  • Language Courses
  • Parental Support
  • access to the Udemy Business platform
  • Health Checkups
  • Mindfulness and Gym & Bicycle Subsidy
  • Digital Meal Vouchers
  • Food Vouchers
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Mozilla is looking for an Incident Responder to monitor and mitigate attacks acr...
Location
Location
Canada; United States
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with integrating and leveraging threat intelligence for detection engineering
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity
  • ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
Job Responsibility
Job Responsibility
  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Infrastructure Engineer - Network Security

The Network Security team ensures that Campbell’s business operations including ...
Location
Location
United States , Camden
Salary
Salary:
131400.00 - 188900.00 USD / Year
campbells.com Logo
THE VAIL CORPORATION
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum education required, with specialization as appropriate: Bachelors Degree or equivalent work experience in Information Technology or Information Security
  • 6+ of experience in IT or Information Security
  • 3+ Years of IT Systems Management (Plan/Build/Run)
  • 3+ years of Firewall policy management (Deployment/Operations) for one or more of the leading NGFW companies (Palo Alto, Fortinet, Checkpoint)
  • Previous experience working in outsourced IT environments
  • Ability to translate business needs into implementation plans and can articulate cost implications of options
  • Extensive knowledge & understanding of NGFWs, SSL VPN, NAC & RBAC, Privileged access (PAM) & SASE solutions
  • Vendor knowledge and past implementation of Cisco, Aruba & Fortinet
  • Extensive experience with Firewall & SSL VPN based policy management
  • both with direct implementation and guiding principles with ‘zero-trust’ approach
Job Responsibility
Job Responsibility
  • Develop, document, communicate, and enforce a network technology standards policy which is delivers value, is manageable and scalable
  • Conduct analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products
  • Conduct research and make recommendations on network products, services, protocols, and standards in support of network procurement and digital development efforts
  • Lead efforts on Network infrastructure transition following ‘DevSecOps’ principles & framework in alignment with business application and related Enterprise Architectural standards
  • Help build strategic plans by leveraging leading-edge scientific and technological knowledge to drive business strategies as well as enhance the value proposition of IT solutions across cost, stability and security frameworks
  • Participating and enabling successful Business projects that have network security dependencies
  • Executing and ensure the successful delivery of IT Network and Network security tech
  • Assist with the design and implementation of short- and long-term strategic plans to ensure network services meet existing and future business requirements
  • Works closely with other groups, including System Administrators, AppOps, Infosec, Incident response & Vulnerability management teams, to ensure corporate compliance & improvements across network infrastructure
  • Provide support for Infosec related project initiatives and CSIRT event responses
What we offer
What we offer
  • Benefits begin on day one and include medical, dental, short and long-term disability, AD&D, and life insurance (for individual, families, and domestic partners)
  • Employees are eligible for our matching 401(k) plan and can enroll on the first day of employment with immediate vesting
  • Campbell’s offers unlimited sick time along with paid time off and holiday pay
  • If in WHQ – free access to the fitness center
  • Access to on-site day care (operated by Bright Horizons) and company store
  • Giving back to the communities where our employees work and live is very important to Campbell’s
  • Our “Campbell’s Cares” program matches employee donations and/or volunteer activity up to $1,500 annually
  • Campbell’s has a variety of Employee Resource Groups (ERGs) to support employees
  • competitive health, dental, 401k and wellness benefits beginning on the first day of employment
  • Fulltime
Read More
Arrow Right
New

Cyber Security Analyst (L2)

We are seeking a skilled Cyber Security professional to join the Cyber Security ...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience (7+ years) in Cyber Security, including SIEM, event analysis, and incident response
  • Understanding of networking and security fundamentals
  • Familiarity with SIEM technologies such as ArcSight, ELK, Splunk, QRadar, or LogRhythm
  • Knowledge of SIEM correlation rules and alerting mechanisms
  • Experience analysing phishing or spam emails and recommending remediation actions
  • Proficiency in EDR tools such as Microsoft Defender or CrowdStrike
  • Strong analytical thinking and clear communication skills
  • Ability to review cases thoroughly and present findings in operational forums
  • Experience creating playbooks and documentation
  • Motivation to stay informed about emerging cyber threats
Job Responsibility
Job Responsibility
  • Investigate, analyse, and triage security alerts across security platforms
  • Participate in daily operational stand-ups and incident discussions
  • Act as a technical subject matter resource within the CSOC
  • Develop and maintain knowledge base (KB) articles and documentation
  • Identify opportunities for process optimisation and effort reduction
  • Support continuous improvement and stabilisation of operational processes
  • Collaborate with Local Market CSIRT teams on ongoing incident cases
  • Document SOPs, KEDB, and operational procedures
  • Deliver knowledge-sharing sessions to support team capability building
  • Contribute to rule fine-tuning and content ingestion in SIEM platforms
What we offer
What we offer
  • Opportunity to work in a global CSOC environment with exposure to international markets
  • Hands-on experience with leading SIEM and EDR technologies
  • Continuous learning through real-time incident handling and threat analysis
  • Collaborative work culture focused on knowledge sharing and development
  • Exposure to cloud security and modern cyber defence strategies
  • Fulltime
Read More
Arrow Right

CSIRT Director

The CSIRT Director is a cybersecurity leader responsible for the complete owners...
Location
Location
Canada , Montreal
Salary
Salary:
Not provided
sita.aero Logo
SITA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of progressive experience in cybersecurity, with at least 7+ years in a senior leadership role with direct accountability for security operations.
  • 5+ years of direct experience managing large, geographically distributed Security Operations Centers (SOCs) — including multi-site, multi-shift, 24/7/365 operations.
  • Bachelor's degree in computer science, Information Systems, Information Security, or a related discipline
  • or equivalent professional experience.
  • Active professional certification in at least one of the following: CISSP, CISM, CISA, GIAC GSOM, GIAC GCIH, or equivalent.
  • Proven experience managing global teams across multiple time zones and cultures, with a track record of building cohesive, high-performing distributed teams. With demonstrated ownership of an Incident Response Function and Team.
  • Demonstrated ownership of two or more of the following functions: SOC, CTEM / Vulnerability Management, Cyber Threat Intelligence,
  • Strong command of the MITRE ATT&CK framework, NIST CSF, and incident response methodologies (SANS PICERL, NIST 800-61).
  • Executive-level communication skills — ability to translate complex technical threats into business risk language for CISO, C-suite, and Board audiences.
Job Responsibility
Job Responsibility
  • Continuous Threat Exposure Management (CTEM) - Directs the organization's proactive exposure reduction program. This includes attack surface management, vulnerability prioritization, red team / purple team program oversight, penetration testing governance, and the coordination of remediation workflows with IT and engineering stakeholders.
  • Cyber Threat Intelligence (CTI) - Commands the intelligence function responsible for producing finished, operationalized threat intelligence. This includes strategic intelligence briefings to CISO and Board, tactical intelligence feeds into detection platforms, threat actor tracking, sector-specific threat analysis (transportation/aviation/border security), and third-party intelligence partnerships.
  • Incident Response (IR) - Owns the full incident response lifecycle. Accountable for IR planning and playbook governance, crisis management and executive communication during significant incidents, forensic capability oversight, tabletop exercise program, regulatory breach notification coordination, and post-incident reviews (PIRs).
  • Security Operations (SecOps) Collaboration - Direct and optimize resources across global SOC locations (Montreal, Cairo, Singapore), ensuring consistent standards, 24/7/365 coverage through a follow‑the‑sun operating model, and resilient business continuity with defined failover capabilities. Drive collaboration and intelligence sharing across sites while managing MSSP and third‑party partners to ensure performance, accountability, and unified global operations.
  • Strategic Leadership & Governance - Define and lead a multi‑year global CSIRT strategy, serving as the single point of accountability for threat exposure, intelligence, and incident response while aligning capabilities to business risk and industry frameworks. Own executive reporting, budget planning, and the establishment of clear SLAs and KPIs to ensure a mature, scalable, and effective cybersecurity operations program.
  • People Leadership & Talent Development - Lead, develop, and retain a high‑performing global cybersecurity operations team across CTEM, CTI, and Incident Response, fostering an inclusive, high‑accountability culture that enables collaboration across regions and time zones. Establish clear career pathways, performance management, and succession planning while overseeing staffing models, shift coverage, and on‑call operations across all SOC locations.
  • Executive & Stakeholder Engagement - Act as the primary liaison to the CISO, delivering executive‑ and board‑level insights on security operations, threat posture, and incident response effectiveness. Partner cross‑functionally with architecture, engineering, GRC, legal, and IT teams, and represent CSIRT in audits, regulatory reviews, and customer security engagements.
What we offer
What we offer
  • Work from home up to 2 days/week (depending on your team’s needs)
  • Flex Day: Make your workday suit your life and plans.
  • Flex Location: Take up to 30 days a year to work from any location in the world.
  • Employee Wellbeing: Employee Assistance Program (EAP) for you and your dependents 24/7, 365 days/year
  • Champion Health platform.
  • Professional Development: Access to world-class learning platforms including LinkedIn Learning, Microsoft's Enterprise Skills Initiative, Airport Council International, Pluralsight, Harvard Business Publishing, Stanford and many others.
  • Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.
  • Fulltime
Read More
Arrow Right

Cyber Defense Engineer

Embark on a rewarding journey with Randstad's Global Security Operations Center ...
Location
Location
Portugal
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
July 31, 2026
Flip Icon
Requirements
Requirements
  • Understanding of cybersecurity principles, threat landscape, and knowledge of various attack vectors
  • Demonstrates robust analytical skills and effective problem-solving abilities to assess security events, evaluate risks, and make informed decisions during security investigations, ultimately ensuring the resolution of security incidents
  • Experience with industry-leading SIEM and EDR tools for the monitoring and analysis of security events
  • Basic understanding of network protocols, traffic analysis, and the ability to identify suspicious activities
  • Clear and concise communication skills to report incidents, write documentation, and interact with team members and technical and non-technical stakeholders
  • A basic understanding of the MITRE ATT&CK framework
  • Proficient in the English language
  • Excellent analytical skills
  • Ability to operate in a matrix organization
  • Self-starting and self-supporting
Job Responsibility
Job Responsibility
  • Perform thorough analysis of cybersecurity alerts, assuming complete responsibility for leading and concluding the investigation
  • Utilize cutting-edge technology for security investigations, such as EDR, SIEM, SOAR, and other advanced tools
  • Maintain a continuous communication loop with the outsourced staff of the frontline defense center and the external segments of the cyber defense center
  • As a member of the regional cyber defense center, support local IT and ISOs by addressing security issues and translating necessary information for analysis and response into actionable tasks
  • Play a key role in enhancing the CDC's ongoing improvement
  • During available time and depending on your skills and interests, aid the vulnerability management lead and the threat intelligence lead in their respective operations
  • Work closely with the continuous improvement lead to design and develop new and improve existing threat detection capabilities
  • During critical security incidents, join forces with the CSIRT to swiftly and decisively bring closure to these challenges
  • Fulltime
Read More
Arrow Right

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
  • Fulltime
Read More
Arrow Right

Cyber Defense Engineer

Embark on a rewarding journey with Randstad's Global Security Operations Center ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Understanding of cybersecurity principles, threat landscape, and knowledge of various attack vectors
  • Demonstrates robust analytical skills and effective problem-solving abilities
  • Experience with industry-leading SIEM and EDR tools
  • Basic understanding of network protocols, traffic analysis, and the ability to identify suspicious activities
  • Clear and concise communication skills
  • Basic understanding of the MITRE ATT&CK framework
  • Proficient in the English language
  • Excellent analytical skills
  • Ability to operate in a matrix organization
  • Self-starting and self-supporting
Job Responsibility
Job Responsibility
  • Perform thorough analysis of cybersecurity alerts, assuming complete responsibility for leading and concluding the investigation
  • Utilize cutting-edge technology for security investigations, such as EDR, SIEM, SOAR, and other advanced tools
  • Maintain a continuous communication loop with the outsourced staff of the frontline defense center and the external segments of the cyber defense center
  • As a member of the regional cyber defense center, support local IT and ISOs by addressing security issues and translating necessary information for analysis and response into actionable tasks
  • Play a key role in enhancing the CDC's ongoing improvement
  • Provide support for various operational tasks including vulnerability management and threat intelligence
  • Work closely with the continuous improvement lead to design and develop new and improve existing threat detection capabilities
  • During critical security incidents, join forces with the CSIRT to swiftly and decisively bring closure to these challenges
  • Fulltime
Read More
Arrow Right