We are seeking a dedicated Security Incident Analyst (L1/L2) to join our Cyber Defense team, strengthening our ability to protect critical assets.
In this role, you will detect, investigate, and respond to security incidents while fostering continuous improvement of our security processes and tools.
Responsibilities
- Monitor networks and systems using tools such as SIEM, EDR, and native cloud technologies to identify potential security threats
- Perform thorough initial investigations of security events and escalate incidents to senior team members when necessary
- Support second-level response efforts, contributing to remediation and containment during major security incidents
- Document security incidents, reporting on key findings and actions taken to mitigate risks
- Assist in maintaining and refining incident response playbooks and operational procedures
- Collaborate with engineering teams to streamline alert handling and resolution of security issues
- Stay informed on emerging threats and contribute to the enhancement of detection rules and system capabilities
Requirements
- 2–3 years of experience as a SOC Analyst or Security Incident Analyst in a 24/7 operational setting
- Practical experience with SIEM platforms, EDR/XDR solutions, IDS/IPS, or firewalls
- Basic familiarity with AWS security tools such as GuardDuty and CloudTrail
- Understanding of incident response methodologies, including MITRE ATT&CK, Cyber Kill Chain, or NIST frameworks
- Strong communication skills, both written and verbal, with the ability to interact effectively with internal stakeholders
- Basic knowledge of scripting languages like Python, Bash, or PowerShell is a plus
- Flexibility to participate in on-call rotations as needed
Nice to have
- Familiarity with tools such as Google Workspace Investigation Tool, OpsGenie, or Okta
- Knowledge of cloud-based solutions like Amazon Detective or GCP Security Tools
- Experience using GitHub and Tenable for security-related tasks
We offer
-
We gather like-minded people:
- Engineering community of industry professionals
- Friendly team and enjoyable working environment
- Flexible schedule and opportunity to work remotely within Poland
- Chance to work abroad for up to 60 days annually
- Business-driven relocation opportunities
-
We provide growth opportunities:
- Outstanding career roadmap
- Leadership development, career advising, soft skills, and well-being programs
- Certification (GCP, Azure, AWS)
- Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
- English classes
-
We cover it all:
- Stable income (Employment Contract or B2B)
- Participation in the Employee Stock Purchase Plan
- Benefits package (health insurance, multisport, shopping vouchers)
- Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
- Referral bonuses
- Corporate, social and well-being events
-
Please, note:
- The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview.
- We will reach out to selected candidates exclusively.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.