What you will do

Cyber threats are constantly evolving, and we need experts to stay ahead. At ERGO Technology & Services, we’re looking for a Senior CSIRT Specialist to lead the security incident response process, support technical investigations, drive remediation, and strengthen our cyber resilience. You’ll play a key role in advancing ERGO’s security incident response maturity. If you’re passionate about protecting critical systems in a dynamic environment, we encourage you to apply.

How you will get the job done

• leading the overall incident response process, ensuring effective technical management and communication throughout
• proposing and coordinating rapid response actions to address security threats
• conducting and facilitating the incident response meetings with stakeholders and relevant teams
• tracking and coordinating the tasks performed by technical responders
• participating in technical investigations on an as-needed basis, primarily to support the team during high-demand periods
• defining and applying containment strategies
• driving remediation measures during security incidents
• preparing incident reports that detail incident response activities and technical results from investigations
• improving incident response playbooks and documentation
• identifying necessary actions during the entire security incident management process
• mentoring and supporting the development of junior team members

What we offer

Let's be healthy – medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.

Let's be balanced – work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.

Let's be smart – we organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.

Let's be responsible – each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.

Let's be fun – company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!

Let's be diverse – every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!

Requirements

• fluency in written and verbal English
• excellent communication and interpersonal skills
• more than 5 years of hands-on experience with hardware/software tools used in incident response, computer forensics, network security assessments
• deep knowledge in the IT & IT security area including network protocols, security technologies, security architecture, cyber security threats and vulnerabilities
• proven experience in cyber security incident management including but not limited to ransomware attacks, data breaches, and infrastructure compromise
• strong knowledge of the threat landscape including APT groups and attack tactics, techniques, and procedures
• deep expertise in incident documentation, incident reporting and transforming technical information to senior management language
• understating of security risk and mitigation strategy for IT infrastructure
• strong knowledge of security processes, standards, and frameworks (SANS, NIST, etc.)
• strong ability to work in a multinational and complex environment
• ability to coordinate people in different locations and at different stakeholder levels
• ability to stay focused, keep calm and work under pressure
• strong analytical and problem-solving skills

Nice to have

• Bachelor's or Master's degree in IT/Business IT/Computer Science or a similar area
• CISSP/ GCFA/ GCIA/ GCFE/ GNFA/ GREM/ GCIH/ CISM or similar certification
• scripting skills (Python, Visual Basic, Bash, Powershell, etc.)