Senior SOC Analyst - Incident Response

Introduction

Important note: This role is a remote opportunity tied to our legal entity in Poland. Candidates must be physically located in Poland and legally authorized to work in Poland to be considered. We are unable to consider applicants based outside the country of hire.

About Us

Innovation starts from the heart. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success.

Job Description

As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions. As an Edwards Sr. Analyst, Incident Response for Information Security, you will contribute to protecting Edwards organization, applications, and products by responding to security threats, designing, and implementing detection use cases and threat hunts and managing log sources onboarding.

Responsibilities

• Serve as key escalation tier (level 2 analyst) for on-call incident response resources
• Perform complex investigations as a part of Edwards active security monitoring and threat hunting operations within SLAs
• Drive and design response and remediation actions to protect against security threats in Edwards environments and products
• Lead data ingestion efforts from identifying gaps, onboarding data sources, tuning and correlating them
• Lead the design, testing and implementation of detection use cases to production
• Help drive threat hunting program
• Responsible for operations and maintenance of key cyber security capabilities and services in Detection Response area – SIEM (Google SecOps, Splunk, Qradar etc), Log Collectors (WEF, Cribl, NXLog etc)
• Design automation workflows to streamline detection and response efforts
• As needed, participate in CIRT team efforts
• Provide coaching, mentoring, and knowledge transfer to other team members
• Document and maintain incident response technical playbooks and incident timelines
• Staying informed on the evolving cyber security landscape