The Security Operations Analyst is responsible for monitoring, analyzing, and responding to security incidents to protect the organization’s digital assets and infrastructure. By proactively identifying threats and vulnerabilities, they play a critical role in minimizing risk and ensuring business continuity.

This position reports to the Senior Manager, Security Operations and is part of the Information Security Team, which operates globally. This will be an on-site role based at our office in Kraków, Poland, working as part of a global team.

At Cytiva, our vision is to advance future therapeutics from discovery to delivery.

Security Operations Analyst

What you will do:

  • Perform advanced security incident analysis and digital forensics to identify threats and mitigate risks.

  • Lead complex security investigations, including malware analysis, network traffic analysis, and endpoint detection.

  • Provide guidance to L1 and L2 SOC analysts, improving the quality of information coming into the Security Operations team.

  • Investigate and respond to escalated security incidents in a timely manner.

  • Collaborate with our engineering teams to optimize and fine-tune SIEM (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security tools.

  • Conduct proactive threat hunting to uncover hidden threats and vulnerabilities within the organization.

  • Partner with other IT and security teams to improve the organization's security posture.

  • Produce detailed reports and recommendations for remediation and security improvements, including hosting post-incident reviews with wider technical teams.

Who you are:

  • 5+ years of experience in a corporate IT environment, with at least 2 years in an L3 or senior analyst role.

  • Deep knowledge of security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001.

  • Experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus.

  • Hands-on experience with incident response, threat hunting, and forensic investigations.

  • Familiarity with cloud security (AWS, Azure, Google Cloud) and modern attack techniques. Certifications such as OSCP, CEH are a plus.

It would be a plus if you also possess previous experience in:

  • Scripting and automation (Python, PowerShell, Bash) to improve SOC processes.

  • Acting as a subject-matter expert (SME) in EDR, SIEM, UBA, DLP or Data Security.

  • Operational Technology (OT) environments.

Join our winning team today. Together, we’ll accelerate the real-life impact of tomorrow’s science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.

For more information, visit www.danaher.com.