Operator/ka SOC

Centrum Informatyki Statystycznej is a public administration organization offering stable employment and projects related to teleinformatics security and cybersecurity.

• Knowledge of cybersecurity and teleinformatics system security
• Understanding of network protocols and services, especially HTTP/HTTPS, DNS, DHCP, SMTP, IMAP, POP3, SSH, ICMP, SNMP, syslog, NTP
• Basic knowledge of Windows and Linux operating system administration
• Ability to analyze logs and identify potential security threats
• Knowledge of IT environment threats and basic detection and mitigation methods
• Higher education in IT, teleinformatics, or related field
• English language proficiency sufficient to use technical documentation
• Analytical thinking, ability to work under pressure, independence, responsibility, good work organization, interpersonal communication, and teamwork skills
• Willingness to improve professional qualifications and work in shift system in the future

Additional requirements:

• Professional experience in IT or cybersecurity
• Knowledge of SIEM, EDR/XDR, SOAR, Zabbix, or IT infrastructure monitoring tools
• Knowledge of vulnerability analysis and network security
• Basic knowledge of security process automation and playbook handling is an advantage
• Experience working in SOC or handling security incidents is an advantage
• Knowledge of Bootstrap, Material Design
• Knowledge of WWW standards (XML, HTML, CSS, JavaScript)
• Knowledge of Web Services and API
• Minimum one year professional experience as Web Developer (Bootstrap)
• English language proficiency for reading technical documentation
• Reliability, responsibility, work organization, goal orientation, interpersonal communication, cooperation, creativity, and analytical thinking
• Additional assets: knowledge of C#, Git, SQL

• Monitor teleinformatics security events and incidents using SIEM, EDR/XDR systems, and IT security support tools
• Analyze and correlate security events to identify potential threats and cybersecurity incidents
• Handle security incidents including registration, classification, prioritization, and escalation according to SOC procedures
• Conduct preliminary analysis of detected incidents and prepare reports and recommendations
• Administer and maintain selected SOC environment components, including SIEM and IT infrastructure monitoring systems
• Analyze reports from security systems including vulnerability scanners
• Handle teleinformatics security-related requests
• Collaborate with system administrators, IT support teams, and service and system providers
• Participate in ongoing activities related to the maintenance and development of the Operational Security Center
• Perform other tasks within the department's scope

Only candidates with higher education in IT, teleinformatics, or related fields are considered. English language proficiency is required for technical documentation. Willingness to work in shifts in the future is expected.