Location: Warszawa
Salary: Competitive
We are looking for experienced and ambitious individuals for the position of Senior Consultant in the Cybersecurity Operations Team, who would like to implement projects in the following areas:
Incident Response/Security Operations – monitoring and responding to cybersecurity incidents, conducting analyses, coordinating corrective actions, preparing incident reports.
Threat Hunting/Compromise Assessment – conducting independent threat hunting activities using various tools, building hypotheses, executing scenarios, preparing final reports.
Purple Teaming – collaborating with Red Teams, verifying available logs, collaborating with engineering teams to increase attack visibility in the client's environment.
Use Case Development – building detection and correlation rules based on threat intelligence data, gathering client requirements, creating and testing logic, fine-tuning rules.
Required experience/skills for this position:
Minimum 3 years of experience in the area of Incident Response or Security Operations, including practical participation in handling security incidents, log analysis, and implementing incident response processes.
Experience in conducting threat hunting and compromise assessment activities – ability to build hypotheses, use tools for data analysis and correlation, prepare final reports.
Practical knowledge of SIEM, EDR, and SOAR tools (e.g., CrowdStrike Falcon, Splunk, Cortex XSOAR, Microsoft Sentinel) – ability to analyze logs, create and optimize detection rules.
Experience in conducting Purple Team exercises – collaboration with offensive teams, log verification, recommending improvements in attack visibility and detection.
Ability to build and develop detection use cases – gathering requirements, designing logic, testing and tuning detection rules.
Participation in projects transforming the functioning of the SOC (e.g., increasing process maturity, reorganizing the operational model).
Knowledge of attack taxonomies and models such as MITRE ATT&CK and cyber kill chain.
Knowledge of basic network protocols (TCP/IP, DNS, HTTP) and their use in the context of security.
Analytical thinking ability, creativity, and independence in solving problems.
Ability to work in a team, effective communication, and collaboration with the client.
Knowledge of English at a minimum level of B2/C1 (working in an international environment).
Additional advantages will be:
Experience in projects implementing or migrating security systems (e.g., launching new SIEM/EDR platforms or improving existing ones) and adapting them to the needs of the organization.
Scripting skills (e.g., Python) for automating tasks and creating custom tools.
Experience in working with international clients or in a globally-oriented environment.
Industry certifications in the field of cybersecurity (e.g., GIAC, OSCP, CISSP, CEH, E|CIH).