IT Security Specialist (Cyber Defence Center), Warsaw or Gdynia
We are now looking for an IT Security Specialist with technical capabilities and experience in IT security.
In Nordea, we’re harnessing the power of technology to reinvent the future of banking. A tech revolution is underway – and you can make an impact. Though we’re a Nordic bank, we’re also one of the largest IT employers in Tricity and Warsaw. Working with international teams in an inspiring working environment, you’ll have lots of opportunities to expand your skills and advance your career.
About this opportunity
As an IT Security Specialist in Nordea, you will be working with security infrastructure solutions and systems, protecting the business applications. An important part of the job is to monitor security threats against Nordea and initiate proper security measures to mitigate such threats. The work also includes supporting IT security-related incident handling and computer forensics investigations. The role will require interfacing with internal stakeholders in business and IT and with external suppliers, mainly on a technical level. Working on a shift schedule is required.
What you’ll be doing:
- Continuous monitoring of security infrastructure components and alerts
- Triage of security alerts
- Ticketing and workflow systems, including dispatching alerts and creating tickets
- Collection of information and initiating and supporting tier 2 security incident responders
- Adherence to work instructions and procedures
Who you are
Experience in working with the following areas is strongly recommended for this position:
- Real-time monitoring of security infrastructure components and alerts. Triage of security alerts. Supporting tier 2 security incident responders
- Escalate unresolved problems to a higher level of support, including incident response
- Improve correlation rules to ensure that the monitoring policy allows efficient detection of potential incidents
- Define dashboards and reports for reporting on KPIs
- Contribute to the design of the overall monitoring architecture in close relationship with system owners
- Produce and maintain accurate and up-to-date technical documentation, including processes and procedures related to security alerts and incidents
- Ability to explain complex technical concepts to non-technical people
- GIAC GSEC, CEH (would be considered as an advantage)
- Strong knowledge of security technologies such as SIEM, Firewalls, Proxy, IDS/IPS and Endpoint protection
- Proficiency in working with Windows & Unix/Linux operating systems
- Solid understanding of MITRE ATT&CK framework
- Solid understanding of the cyber kill-chain
- Practical experience with Splunk (would be considered as an advantage)
- Practical experience in Python scripting (would be considered as an advantage)
Professional understanding of IT and IT security is needed. You are naturally interested in updating yourself on the latest security threats and trends. You always think about the wider context of things and consider the total risk for the bank.
Fluency in the English language is a requirement. To be an integral part of a diverse and distributed team, it is also expected that you are self-initiating, an excellent team player, work with integrity and are able to support your colleagues.
A University degree is required. To excel in this position, you must have a keen interest in cyber security and be able to see the wider context of things.