
Job Title:  IDT Security Incident Response Manager

Job Number:  20060


Country: Poland
Location: Warsaw
Function: Information Technology
Level: Experienced Professional 
Grade: 36
Job Type: Permanent
Contractual Legal Entity: BAT Polska
Application deadline: 30.08.2019

The IDT Security Incident Response Manager will be a technical expert responsible for elements of incident response, including responding to incidents, evidence collection and handling, digital forensic analysis, and remediation.





  • Detecting and analyzing IT security threats, including intelligence-led threat hunting, which might include activities such as malware analysis and creation of rulesets;
  • Developing the team’s capabilities by developing or integrating tools or systems that can be used for analyzing evidence during an incident;
  • During an incident, responsible for evidence collection, digital forensic analysis, and eradication, containment and recovery activities.
  • Conducting Post Incident Response reviews to improve controls and to ensure the Information Security plan is updated to reflect 
  • Help with the procedure for internally reporting and tracking IT security incidents, ensuring that incident response and escalation procedures are followed; inform all employees, contractors, and third-party users of their responsibility to report IT security incidents.
  • Participate in and/or oversee the investigation and management of information security events, incidents and policy violations; track to conclusion and lessons learnt / recommendations.
  • Understand the external and internal cyber threat landscape and the business agenda to be able to proactively point out areas of increased risk for security incidents.
  • Enforce stated policy for the notification and reporting of incidents immediately upon discovery.  
  • Develop and document corrective action plans and implement lessons learned to mitigate recurrence (problem solving/root cause analysis).
  • Review the process(es) regularly, including in relation to its dependencies (SIEM, IT incident management, IT Major Incident Management, Crisis Management); suggest and oversee implementation of improvements.
  • Provide technical expertise in security hardening methods and settings to protect IT systems from infiltration, and the ability to determine how an IT system was broken into or to recover lost files.
  • Work with law enforcement agencies to analyze data and evaluate its relevance to the case under investigation, ensure that evidence is preserved and transferred into a format that can be used for legal purposes (i.e. criminal trials), and potentially testify in court.
  • Providing on-call support on a rota basis.




  • Business & IT stakeholders 
  • Wider IT & Security team
  • External auditors & 3rd Party Vendors 





Qualifications and experiences


  • Education: Bachelor’s degree in computer science or information technology preferred;
  • Professional certification in IT Security or Forensics preferred, e.g. CFCE, CHFI, GCIH, GCFA or GCIA;
  • 5 or more years of progressive information security and IT experience;
  • Experience in data recovery techniques such as recovery of data like documents, photos and e-mails from computer hard drives and other data storage devices, such as zip and flash drives, that have been deleted, damaged or otherwise manipulated;
  • Experienced in examination of computers that may have been involved in other types of crime to find evidence of illegal activity;
  • Intimate and up to date knowledge and experience of world class IT Security methods and best practice;
  • Familiar with the use of forensic tools and investigative methods to find specific electronic data, and equipped with the technical skills to hunt for files and information that have been hidden, deleted or lost;
  • Expertise in hacking and intrusion techniques and prior experience with security testing and computer system diagnostics;
  • Experience of working in a complex geographical/functional matrix organization
  • Skills in relationship management and influencing at all levels of the organization 
  • Extensive experience in IT related positions, with experience in managing teams and technical experts


Other Attributes


  • Have some management experience, as there may in the future be scope for the Senior IT Incident Response Analyst to lead a team of analysts;
  • Strong communication and writing skills, and experience of communicating technical information to non-technical stakeholders;
  • Must be familiar with standard computer operating systems (Windows), networks and hardware as well as security software and document-creation applications; 
  • Excellent analytical skills, to be highly conscious of details and to be able to multi-task efficiently;
  • Experience of using O365 for investigation purposes, and an ability to conduct PowerShell queries in Azure.



British American Tobacco (BAT) is one of the World’s leading consumer goods companies, with brands sold around the globe. 
Our vision is to “Transform Tobacco” and our industry, so during 2019 we are setting up a new Tech Hub in Poland to support and drive our digital transformation. This is the start of the journey, and we are looking for a team player who is passionate about change and ready to support us in making digital part of our DNA.

Job Segment: Manager, Computer Science, Testing, Relationship Manager, Document Management, Management, Technology, Customer Service
