Technology Specialist - CDO (Threat Prevention)
This role is part of the D&T department of HEINEKEN International and is located in Heineken Global Shared Service in Krakow. D&T is proud to bring cutting-edge innovation, strong technology and advanced analytics to HEINEKEN. With speed and agility, we ensure HEINEKEN has the technological competitive advantages it needs to deliver on its ambition.
Would you like to meet the Team, see our office and much more? Visit our website: Heineken (heineken-dt.pl).
This job role of Threat Prevention Technology Specialist is positioned within the CDO Threat Prevention Product Team. The hierarchical reporting line is to the Chapter Lead Technology Specialist, while you have a functional (dotted) reporting line to the Product Owner Threat Prevention.
As we are part of Cyber Defense and Operations, the job role combines two aspects. The first is helping to develop and innovate our Threat Prevention capabilities, as a member of a team that uses Agile, Scrum & Sprints to deliver value increments for the Threat Prevention Product. The second aspect is Operations, which involves interacting and working together with internal teams and external suppliers on reducing and remediating risks such as software, (mis)configuration and (over)permission vulnerabilities in our landscape. The split between Innovation and Operation is around 80%/20% (we have other dedicated roles for our day-to-day operations), but you are part of bringing our operations to a higher level and you help our operations colleagues when needed.
As a Threat Prevention Technology Specialist you contribute to many aspects of cyber threat prevention, such as (software) Vulnerability Management, Threat Advisories, (cloud/SaaS) Security Posture Management, Attack Surface Management, Attack Surface Reduction, Cyber Threat Intelligence (CTI), Over-the-network scanning (for vulnerabilities, web app weaknesses or PCI DSS compliance), Penetration Testing and more.
You will be working with well-known products and technologies such as Microsoft Defender XDR and ServiceNow SecOps Vulnerability Response, as well as lesser-known products for external Attack Surface Management and CTI. In this job role you will be a team member of the Threat Prevention team and contribute to potentially releasable increments in each sprint, as well as to the mid- and longer-term roadmap. You will work primarily in our Krakow office and are expected to travel internationally a few times each year to stay aligned with colleagues abroad.
Your responsibilities would include:
- ensuring that our Threat Prevention solutions are enabling and (cyber) securing our business, for example by ensuring that identified vulnerabilities, misconfigurations and over-permissions are adequately assigned to the right groups of people who can remediate them
- vulnerability management, which involves many aspects, all of which aim to bring our organisation to a higher level of cyber resilience by lowering the amount of risk caused by vulnerabilities in software, systems and applications
- guiding stakeholders (colleagues, suppliers, etc.) in their day-to-day operational work in remediating vulnerabilities
You are a good candidate if you:
- have a bachelor’s degree in a related field or equivalent experience
- have at least 5 years of working experience in IT cybersecurity related roles (e.g. SOC, VM roles or similar)
- have investigative and analytical problem-solving skills
- bring subject matter expertise in the area of cyber threat prevention and use it to guide operational teams to do the right thing, and to do things right
- understand technology and cybersecurity; any relevant certifications are a plus
- have a can-do and growth mindset and are eager to learn quickly
- can organise your own work (we call it being part of a self-managing team)
- can get things done, also when that involves others who need to do work
- understand and can practice Agile ways of working
- can do some coding (KQL, Python); ‘cheating’ by leveraging GenAI is fine
- understand concepts like CSPM, SSPM, CTEM, attack paths and choke points
- have operational experience in Vulnerability Management or Application Security
- have knowledge and experience of Microsoft security products and ServiceNow SecOps Vulnerability Response (this is a BIG plus, but if your experience is with other similar products that is okay)
- have basic knowledge of industry standard security frameworks for information systems (NIST, ISO 27001/2, CSA, IEC 62443), the Cyber Kill Chain & MITRE ATT&CK framework
- can work together with people of many different cultures and backgrounds (we are quite a diverse organisation)
- understand capabilities such as Attack Surface Management, Exposure Management and/or CTI aligned threat prevention
- have skills in offensive cybersecurity (e.g. penetration testing, ethical hacking), which are appreciated
- are a team player: you help, and are not afraid of asking for help, when that helps the team
- have good English (it doesn’t need to be excellent), written and verbal, and are not afraid of presenting to different audiences.
At HEINEKEN Kraków, we take integrity and ethical conduct seriously. If someone has concerns about a possible violation of the legal regulations indicated in the Polish Whistleblowing Act or of our Code of Business Conduct, we encourage them to speak up. Cases can be reported to the global team or locally (in line with the local HGSS Whistleblowing procedure) by selecting the proper option in this tool or by communicating it on the hotline.