Cyber Threat Detection & Response Engineer

Cyber Threat Detection & Response Engineer

PL

Senior

What We Expect of You

We are seeking an experienced (Middle+) Cyber Threat Detection & Response Engineer to join our cybersecurity team. The selected candidate will provide incident response services, including advanced investigation, containment, remediation, and coordination across stakeholders.

Duties:

• Act as a SOC analyst, investigate and analyze security incidents escalated from L1/L2, including malware, phishing, and suspicious behavior across endpoint, network, or cloud environments.
• Perform containment and remediation actions in coordination with senior analysts or incident response leads.
• Contribute to the development and tuning of detection logic (e.g., SIEM correlation rules).
• Support root cause analysis and assist with post-incident documentation and reporting.
• Participate in refining incident response procedures and updating playbooks.
• Collaborate with Threat Intelligence, Red Team, and other cybersecurity teams to enrich incident context and improve detection capabilities.
• Stay informed on current threats, attack techniques (e.g., MITRE ATT&CK), and security tools.

Competencies:

• 3+ years of hands‑on experience in a SOC or incident response role;
• 5+ years total in cybersecurity.
• Strong understanding of cybersecurity fundamentals, attack vectors, and the incident lifecycle.
• Demonstrated experience investigating and responding to security incidents in enterprise environments.
• Skilled in event triage, basic malware analysis, threat hunting, and forensic techniques.
• Proficient with SIEM platforms (e.g., Splunk, QRadar, Sentinel) and EDR tools (e.g., CrowdStrike, Defender for Endpoint).
• Comfortable analyzing logs from endpoints, servers, network devices, and cloud platforms.
• Working knowledge of SOAR tools, scripting (Python, PowerShell), and core networking protocols (TCP/IP, DNS, HTTP/S).
• Familiarity with cloud security monitoring (AWS, Azure, or GCP).
• Understanding of MITRE ATT&CK and incident handling frameworks like NIST or ISO 27035.
• Strong analytical thinking, attention to detail, and clear written communication.

Nice to have:

• Relevant certifications (e.g., CySA+, GCIA, GCIH, GREM) are a plus.

Project Description

Our offer:

• Possible fully remote, office, or hybrid work.
• Great office space.
• Permanent employment, the possibility of a B2B contract.
• Work tools.
• Good working atmosphere.
• Additional health insurance.
• Sport card.
• Trainings and certifications.
• Corporate and wellbeing events.
• Souvenirs and presents.

We have over 30 years of experience in providing comprehensive solutions in various industries. During this time, we have achieved success in over 2,000 projects and established development centers in several countries in Europe, the United States, Africa, and Asia. IBA Group develops and integrates custom software, implements proprietary and vendor solutions, and offers technical support and consulting. Fundamental areas: mainframe software, corporate and mobile applications, web, SAP and other ERP, BI, and IBM Tivoli systems.