Cybersecurity IR Analyst

Nielsen is the industry’s most trusted data analytics solution for video content across all platforms and devices. We follow modern security practices to uphold the privacy and security of all our data and systems.

We are currently looking for a talented Cybersecurity Analyst interested in joining our Cyber Security Incident Response team. In this role you will be investigating, responding to, and triaging threats and incidents while helping to improve our overall security capabilities. This role needs to be able to communicate and collaborate professionally with other members of the organization from end users to senior management in order to resolve these threats.

This role can be done remotely within Poland. We also have an office in Warsaw if candidates would prefer working from an office.

• Strong problem solving abilities that help to drive forward incidents to completion and help keep Nielsen secure
• Effective communication skills to collaborate with key stakeholders and translate technical jargon into understandable terms
• Stay current on new attack vectors, technologies, tools, and best practices as they change over time
• Open mind and keen eye for details to detect anomalies and potential security issues others may overlook
• Passion for cybersecurity and commitment to safeguarding an organization from threats
• Experience with Cybersecurity Incident Response, Digital Forensics, Timeline Analysis or related
• Experience or knowledge of current information security solutions and technologies, including cloud, network and host based products
• Effective and efficient investigative skills across multiple technologies
• Excellent verbal and written communication skills including continuous, proactive communications to management, peers, and stakeholders while working on incidents
• Ability and willingness to continually learn and hone cybersecurity skills
• Cybersecurity certifications preferred (e.g. CISSP, Sec+, SANS/GIAC)
• Familiarity with Python and PowerShell a plus
• Experience automating tasks via scripting or other tools (Tines, or similar SOAR) a plus
• Experience with Security Incident and Event Management (Devo, Splunk, or similar)
• Experience with Network Intrusion Detection Systems (OSSEC, Juniper, Palo Alto, or similar)
• Experience with Endpoint detection and response (CrowdStrike, Defender, or similar)
• Experience with Enterprise level E-Mail security (Google, O365, or similar)
• Experience with Digital Forensics and Incident Response tools (Cado, EnCase, FTK, or similar)
• Experience with most operating systems (Windows, Linux, MacOS)
• Experience with Public cloud/PaaS (e.g. AWS, GCP, Azure)
• Experience with Virtualization and Containers (VMware, Docker, Kubernetes, or similar)

• Perform host/network based forensic investigations to collect and preserve evidence related to incidents
• Managing incoming queues of detection alerts, threat reports and security incidents
• Interact with our Managed Security Service Provider (MSSP) to investigate and resolve issues
• Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)
• Managing investigations including escalation, organizing unstructured work and engaging resource teams across the company
• Managing urgency and visibility to ensure timely response by all involved parties
• Owning an incident for its full lifecycle, including after action reviews and follow up actions
• Communication and coordination with other cyber security professionals, internal teams, and law enforcement agencies as needed to address incidents and threats
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response
• Create and maintain documentation including incident response plans, standard operating procedures, and knowledge base articles
• Rotating on-call coverage

This role can be done remotely within Poland.