Digital Forensics & Incident Response

Job Description: Forensic Analyst / Incident Response Officer

Location: Katowice, Poland (Remote-first with occasional on-site visits)

Industry: Steel Manufacturing

Employment Type: Full-time

About the Role

We are supporting a major steel manufacturing client in Poland in hiring cybersecurity professionals who can operate in either Digital Forensics or Incident Response — or across both specialisms. This is a remote-first role, open to candidates based anywhere in Poland, with only rare requirements to visit the client’s site in Katowice.

We are looking for individuals experienced with leading security technologies including SentinelOne, Darktrace, QRadar, and Nessus/Tenable. Candidates may come from either discipline (DFIR, SOC, IR, or Threat Hunting) as the client understands some skill sets overlap and can be matched to the right area.

Key Responsibilities

Core Responsibilities (Applicable to Both Roles)

  • Monitor, investigate, and respond to cybersecurity alerts using SentinelOne, Darktrace, and QRadar SIEM.
  • Perform in-depth security investigations and triage complex threats.
  • Support the ongoing enhancement of the client’s cybersecurity posture.
  • Work closely with internal IT, OT, and security stakeholders to ensure rapid and effective mitigation.
  • Use Nessus/Tenable for vulnerability assessments and ensure remediation tracking.
  • Prepare technical reports, findings, and recommendations for both technical teams and management.
  • Participate in the improvement of playbooks, response procedures, and detection use cases.

Forensic Analyst – Role-Specific Responsibilities

  • Conduct full digital forensics investigations across endpoints, servers, and network artefacts.
  • Collect, preserve, and analyse evidence following correct chain-of-custody procedures.
  • Perform malware analysis, memory forensics, and disk/artefact analysis as needed.
  • Document forensic methodologies and ensure repeatable, defensible investigative processes.
  • Provide detailed post-incident forensic reports, including root cause findings and attack-path mapping.

Incident Response Officer – Role-Specific Responsibilities

  • Lead or support live incident response efforts during security breaches or critical events.
  • Contain and eradicate threats in real time using SentinelOne, Darktrace, and SIEM data.
  • Coordinate communication between response teams, senior stakeholders, and external partners.
  • Drive post-incident reviews and contribute to strategic improvement actions.
  • Assist in developing proactive threat hunting activities and detection content.

Required Skills & Experience

  • 3+ years of experience in cybersecurity, preferably within DFIR, SOC, or IR functions.
  • Hands-on experience with:
      • SentinelOne EDR
      • Darktrace
      • QRadar SIEM
      • Nessus or Tenable.sc / Tenable.io
  • Strong investigative mindset with the ability to interpret complex security events.
  • Solid understanding of common attack techniques, threat actor behaviours, and MITRE ATT&CK.
  • Experience working in enterprise environments (industrial/OT experience is a plus).
  • Excellent written and spoken English (Polish language beneficial but not required).

Preferred Qualifications

  • Relevant certifications such as GCFA, GCFE, GCIH, GCIA, CEH, CHFI, or equivalent.
  • Experience within manufacturing, industrial, or critical infrastructure environments.
  • Knowledge of OT security concepts and ICS network behaviours.

What We Offer

  • Remote working flexibility anywhere in Poland.
  • Occasional travel only when essential.
  • Opportunity to work with advanced security tooling in a large industrial environment.
  • Supportive environment with room for upskilling and cross-training across DFIR and IR.
  • Competitive compensation and long-term engagement.

