Cyber Defense GSOC L3 Analyst
WTW
Location: Warszawa, Kraków, Wrocław, Poznań, Gdańsk
Requirements
- EDR
- SOC
- SIEM
- Cyber Defence
- UEBA
Job description
Your responsibilities:
• Lead incident response — oversee investigation, containment, and eradication of cybersecurity threats; identify and implement mitigation actions; escalate high-severity incidents and ensure they are handled correctly
• Guide and manage the team — line-manage 5–10 L1/L2 analysts through coaching, mentoring, performance reviews, and operational planning for 24/7 SOC coverage
• Drive technical excellence — lead threat hunting through log analysis and SIEM/UEBA/EDR tooling; apply threat intelligence; review detection tuning recommendations; support complex investigations and on-call escalations
• Ensure operational quality — conduct quality audits of L2-handled incidents, support shift handover calls, keep playbooks and runbooks up to date, and identify improvements, including automation opportunities
• Communicate effectively — brief security leadership on key incidents; collaborate with global SOC teams, technical stakeholders, and business functions such as GRC, Legal, and Audit

Our requirements:
• Experience and expertise — 6+ years in a mature SOC/Cyber Defence environment, with strong troubleshooting, investigation, and decision-making skills under pressure
• Technical proficiency — hands-on use of SIEM/UEBA/EDR; ability to analyze logs, correlate data, and reconstruct attack timelines using tools such as Wireshark, Python, PowerShell, EDR telemetry, and network forensics solutions
• Communication skills — excellent written and spoken English, the ability to explain findings to both technical and non-technical audiences, and the ability to produce structured reports
• Leadership and teamwork — proven ability to guide, mentor, plan workload, support training programs, and coordinate across global teams in a 24/7 environment
• Knowledge base — strong understanding of attack methods; working knowledge of Linux, macOS, and Windows; familiarity with broader IT areas (WAF, databases, Active Directory, DLP, firewalls, proxies)
• Security/network certifications are a plus

What we offer:
• Flexible work model — the possibility to work primarily from home
• A team-based environment with a strong culture of knowledge sharing
• Growth opportunities — access to WTW's global expertise and resources
• A great working atmosphere — a supportive team and a culture built on mutual respect
• Security and stability — employment under a full-time contract in a leading international brokerage firm
• A comprehensive benefits package funded by the employer, including bonus and incentive schemes

Benefits:
• Private medical care
• Benefits cafeteria and Multisport card
• Employee Assistance Program
• Life insurance
• Hybrid work model
• Volunteer Day
• Subsidy for eyeglasses
• Subsidy for language courses
• Opportunities to obtain professional certifications
• Recognition HUB
• Social benefits from the company social fund (ZFŚS)
• PPE (employee pension plan)