
Cyber Defense GSOC L3 Analyst
WTW
Hexjobs Insights
Position: Cyber Defense GSOC L3 Analyst; responsibilities: leading incident response, team management, technical excellence; requirements: 6+ years in a SOC, technical skills in SIEM/EDR; benefits: flexible work model, medical care, development.
Your responsibilities:
- Lead incident response — oversee investigation, containment, and eradication of cybersecurity threats; identify and implement mitigation actions; escalate high‑severity incidents and ensure proper handling
- Guide and manage the team — line-manage 5–10 L1/L2 analysts through coaching, mentoring, performance reviews, and operational planning for 24/7 SOC coverage
- Drive technical excellence — lead threat hunting through log analysis and SIEM/UEBA/EDR tools; apply threat intelligence; review tuning recommendations; support complex investigations and on‑call escalation
- Ensure operational quality — conduct quality audits of L2‑handled incidents, support handover calls, maintain up‑to‑date playbooks/runbooks, and identify improvements including automation opportunities
- Communicate effectively — brief security leadership on key incidents; collaborate with global SOC teams, technical stakeholders, and business functions such as GRC, Legal, and Audit

Our requirements:
- Experience & expertise — 6+ years in a mature SOC/Cyber Defence environment, with strong troubleshooting, investigation, and decision‑making skills under pressure
- Technical proficiency — hands‑on use of SIEM/UEBA/EDR; ability to analyze logs, correlate data, reconstruct attack timelines, and use tools like Wireshark, Python, PowerShell, EDR telemetry, and network forensics solutions
- Communication skills — excellent written and verbal English, ability to explain findings to both technical and non‑technical audiences, and produce structured reports
- Leadership & teamwork — proven ability to guide, mentor, plan workload, support training programs, and coordinate across global teams in a 24/7 environment
- Knowledge base — strong understanding of attack methods; working knowledge of Linux/macOS/Windows; familiarity with broader IT areas (WAF, databases, Active Directory, DLP, firewalls, proxies). Security/network certifications are a plus

What we offer:
- Flexible work model – possibility to work primarily from home
- Team‑based environment with a strong culture of knowledge sharing
- Growth opportunities – access to WTW’s global expertise and resources
- Great working atmosphere – a supportive team and a culture built on mutual respect
- Security and stability – employment under a full‑time contract in a leading international brokerage firm
- Comprehensive benefits package funded by the employer, including bonus and incentive systems

Benefits:
- Private medical care
- Benefits cafeteria & Multisport
- Employee Assistance Program
- Life insurance
- Hybrid work model
- Volunteer Day
- Eyeglasses subsidy
- Language learning subsidy
- Opportunities to obtain qualifications
- Recognition HUB
- Social benefits (ZFŚS)
- PPE
| Published | 22 days ago |
| Expires | in about 2 months |
| Contract type | Permanent employment, B2B |
| Source |