Global CERT Security Analyst

Securitas is looking for multiple Cyber Security Analysts to join the new Global Computer Emergency Response Team (CERT) within Securitas.
Scroll to content

Securitas is establishing a Global CERT in order to organize Security Operations at a global scale. This globally operating function is focused on the following activities:

  • Vulnerability Management across tools, processes and organization;
  • Security Monitoring of the IT Environment both on-premise as well as in the cloud;
  • Security Incident Management to handle security incidents across the Securitas Group;
  • Cyber Threat Intelligence to acquire the knowledge about IOCs, TTPs and threat landscape evolutions that is needed to maintain a world class Cyber Defence practice;

Are you an experienced Cyber Security Analyst that is versed across these four functional domains? Do you have an appetite to operate at a global scale? Are you passionate about co-creating the Securitas Cyber Defence practice and are you energized by the opportunity to optimize digital security in a rapidly changing organization? Then maybe this is something for you? 

Job Description 📃

You are responsible for operating the four functions of Cyber Defence in this growing team. You will work closely with other IT functions to ensure that your findings and actions are swiftly acted on across the organization.

You will report to the head of CERT and functionally, via the Head of CERT into the Chief Digital Security Officer of the group. Your reporting will be focused on operational execution of your activities and any improvements that can be introduced. Within the team of the Chief Digital Security Officer you will have a security capability architect counterpart that will take your input to factor into the strategic development and planning for the capability.

The global CERT will have several geographical locations. The business language to be used for communication is English.

Your Profile and Qualifications ✔

To succeed in this role, we believe that you need to be a pro-active and people-centric individual. You have robust SecOps analytical capabilities and are comfortable identifying and challenging assumptions in your reasoning. Your style of communication is engaging and educational. You are comfortable giving expert advice to various levels in the organization and you actively seek input from your expert peers.

Relevant domain competences and experience we seek:

Vulnerability Monitoring:

  • Familiarity with enterprise-class vulnerability management architectures and solutions, incl. e.g. Tenable, Qualys, Nessus;
  • Ability to integrate vulnerability information into standard IT Asset Management;
  • Able to hunt environments to identify suspicious / malicious behavior that was missed by automated alerts / signature-based detection;
  • Experience with offensive security tools & techniques (e.g. Metasploit, Empire, Covenant,…);

Security Monitoring:

  • You have some initial experience (e.g. 1 to 2 years) working in a security monitoring function (working with ArcSight, Splunk, Q-Radar, Elastic,…)
  • Excellent working knowledge of computer networks (TCP/IP) & operating systems (Windows, Unix,…)
  • Good knowledge of key log types commonly seen in corporate environments (Windows event logs, Sysmon, proxy logs, DNS logs…);
  • Able to analyze logs of different sources including endpoints, cloud applications, network devices and even raw network traffic;
  • Able to triage alerts based on criticality;
  • Able to finetune existing rules / use cases to optimize automated detection capability;
  • Basic understanding of enterprise class security monitoring architectures;
  • Fundamentally understand how attackers operate (e.g. able to explain how a typical attack chain works);
  • Experience / knowledge of MITRE ATT&CK as a common framework to describe adversary techniques;

Incident Response:

  • A robust understanding of security incident response stages and requirements;
  • Ability to operate under pressure and uncertainty;
  • Experience of and ability to drive global escalations within complex organizations with multiple suppliers;

At least 1 relevant Professional Certification: GCDA (GIAC Certified Detection Analyst), GMON (GIAC Continuous Monitoring Certification), GCFE (GIAC Certified Forensic Examiner), GCFA (GIAC Certified Forensic Analyst), GCIA (GIAC Certified Intrusion Analyst), GCED (GIAC Certified Enterprise Defender), GPPA (GIAC Perimeter Protection Analyst), GCCC (GIAC Critical Controls Certification), GDAT (GIAC Defending Advanced Threats)

Our Offer ✔

  • Working with and learning from a group of peers that are deep experts in their field;
  • Operational oversight over the IT infrastructure of a +$10bn company employing +360.000 people worldwide;
  • Your personal 5+5 learning budget ($5.000 and 5 days) every year.
  • An attractive and market-aligned reward package

Learn more about our GDC Warsaw


Or, know someone who would be a perfect fit? Let them know!



Postępu 6
02-676 Warszawa Directions View page

We Make A Difference Every Day!

We work in an international, explorative, hands-on and dynamic business environment with customers and users in focus. 

Our core values: Integrity, Vigilance and Helpfulness - are foundations that enable us to build trust with customers, colleagues, partners and our community.

We love going to work and doing what we do.

Already working at Securitas?

Let’s recruit together and find your next colleague.

  • Adela Misiak
  • Anlai Gao
  • Anna Nobel
  • Anna Tiberg
  • Bodil Höglund
  • Carl Frölund
  • Caroline Lengholm
  • Daniel Dudek
  • Daniel Sandberg
  • Elin Mellberg

Applicant tracking system by Teamtailor