(Senior) Cybersecurity Engineer, Incident Response

Permanent

Job Description

Create moments that matter. Decode the future.

At the Electrolux Group, a leading global appliance company, we strive every day to shape living for the better for our consumers, our people and our planet. We share ideas and collaborate so that together, we can develop solutions that deliver enjoyable and sustainable living.

Come join us as you are. We believe diverse perspectives make us stronger and more innovative. In our global community of people from 100+ countries, we listen to each other, actively contribute, and grow together.

Join us in our exciting quest to build the future home!

All about the role:

As software is playing an increasingly significant role in enabling digital consumer experiences, we are gearing up to become more agile, faster in responding to market demands and quicker in identifying new market opportunities. This involves elevating our appliances to digital, software-defined products in a seamless integration of mobile apps, connectivity platform and a connected appliance.

We’re looking for a (Senior) Cybersecurity Engineer, Incident Response, to join us on our journey.

What you'll do:

Contribute to defining security incident-response processes and supporting systems for Electrolux Digital Experience; formulate and evangelize long-term strategy for responding to cybersecurity and privacy incidents within the connectivity domain, targeting scale of tens of millions of devices.

In detail, you will:

• Architect and design scalable processes and systems for preventing, detecting, investigating, and responding to cybersecurity incidents and data breaches within the Digital Experience domain.

• Carry out cybersecurity reviews and design and drive adoption of damage-mitigation and incident-response plans, working together with Architects, Engineers, Developers and Product Managers.

• Drive adoption of systems that continuously monitor for security breaches; investigate cybersecurity incidents, their causes and extents; engage in damage mitigation; report incidents to stakeholders and conduct post-mortem analysis to drive improvement.

• Help evaluate, setup and evolve SIEM systems and SOC/PSIRT processes and teams.

• Identify and communicate current and emerging Cybersecurity and Privacy gaps in existing and proposed architectures and processes, recommend remedies or enhancements; help ensure compliance to standards like ISO 27001, NIST, NIS2, GDPR or EU Data Act, Group directives and best practices;

• Engage with Cybersecurity stakeholders (e.g. Group CISO, Data Protection Office, Legal) in formulation of long-term cybersecurity incident-response strategy in the Digital Experience domain; track and provide guidance to product teams on incident detection and mitigation best practices, emerging threats and innovative solutions.

Who you are:

• You must have a good understanding of core cybersecurity principles, IoT-systems architecture and incident-response systems and procedures, at scale.

• You have hands-on experience with logging and monitoring/SIEM systems such as Splunk, Qradar, Datadog, FortiAnalyzer and/or IRP systems such as TheHive;

• You have a good understanding of methods of access control (e.g. RBAC, principle of least privilege), threat intelligence platforms (MISP, STRIDE),  cryptographic primitives and their use, cloud computing and networking as well as of the secure development lifecycle.

• Expertise is necessary in some of the advanced cybersecurity and privacy topics: data protection at rest and in transit, especially in cloud-based environments; identity and access management; security threat modelling and risk assessment; cybersecurity and privacy best-practices and regulations (GDPR, EU Data Act, OWASP, NIST, NIS2).

• Experience with Agile development methods and tools such as Atlassian SaaS is an advantage.

• 3+ years of experience in architecting security incident-response procedures and supporting systems, in relation to Digital Products; 5+ years of professional experience in Cybersecurity. Bachelor's Degree in Computer Science or Electronic Engineering, or comparable experience. Cybersecurity specialization or Master/PhD degree is a plus.

You demonstrate:

• Collaboration - contributes to a highly collaborative environment that enables a cross functional team to flourish.

• Communication - effectively exchanges information and ideas with confidence and respect, able to demonstrate progress, raise issues and articulate changes on a frequent basis. 

• Empathy - can understand and acknowledge the emotions and perspectives of others during conversations.

• Problem-Solving - able to connect the dots between insights, strategy, and conceptual direction; is outcome - as opposed to task - orientated.

• Adaptability & Resilience - can effectively navigate change, challenges, and setbacks while maintaining a positive and flexible approach. 

• Proactivity - eager to learn and grow, sees challenges as opportunities, seeks and - is responsive to - feedback.

• Responsibility - accountable, reliable, and proactive in building systems and handling dependencies, contributing to a trustworthy and effective team dynamic.

Where you'll be:

This is a full-time position, with a preferred location in Warsaw, Poland. We may also consider exceptional candidates at our Global Headquarters in Stockholm (Sweden), Porcia/Forli (Italy) or Prague (Czech Republic).

Regardless of the chosen location, you will be part of a dynamic international team where English is the natural language.

Benefits highlights:

• Flexible work hours/hybrid work environment

• Discounts on our award-winning Electrolux products and services

• Family friendly benefits

• Insurance policy plan

• Extensive learning opportunities and flexible career path

As part of Electrolux, we will continuously invest in you and your development. There are no barriers to where your career could take you.

Find out more on:

ElectroluxGroup: https://www.linkedin.com/company/electrolux/life/lifeatelectrolux

Please note that this is not an open recruitment process, we are collecting applications for future opportunities.