APPLY AS
Senior Information Security Engineer Incident Response
Location: Kraków
Be a part of a revolutionary change
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.
PMI’s journey to a smoke-free future is fueled by technology.
The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.
Join us in this role to take part in the formation of an international team of senior incident responders in one of the following locations: Buenos Aires ; Krakow – Poland ; Tokyo – Japan ; Seoul – Korea.
The Sr. InfoSec Engineer Incident Response, is part of PMI’s global CSIRT team and is involved in the management and investigation of Security Incidents that are related, but not limited to, Operational data, Intellectual property, Employee Information and Customer/Partner data.
The Sr. Infosec Engineer's primary role is to manage the reported incidents in the investigation process. Understanding of the breach vectors and the exposure, while leading the creation and execution of remediation plans for different levels of incident severity, and by cross-functional partnerships with IT and business stakeholders and other members of the Infosec Team. This role will also ensure a timely closure of the incident and provide an end to end root cause analysis with supporting documentation.
• Build and develop close working relationship with other PMI teams involved in Incident Response, Crisis Management, and Continuity management (e.g. Legal, Crisis Mgt, Privacy, Markets, other IT and InfoSec teams).
• Develop, maintain, and train other PMI teams on comprehensive incident response activities and plans; Run incident tabletop exercises with relevant stakeholders on regular basis.
• Collaborate with the Cyber Threat Intelligence team to evolve team towards Threat Intel. Driven Incident Response.
• Participate in the continuous improvement of procedures and playbooks to optimize analysis and response activities and cover new use cases, in collaboration with our SOC and Threat Defense Operations teams.
• Experience assembling and leading incident response teams/taskforces (plan, brief, execute, debrief)
• Experience analyzing breach vectors while leading creation and execution of containment, eradication & recovery plans
• Experience writing incident reports and present them to leadership at different levels
• Advanced understanding of Information Systems (e.g. SysAdmin level)
• Advanced understanding of IaaS and SaaS solutions (e.g. AWS, Azure, Salesforce…)
• Hands-on experience of Security tools (e.g. SIEM, DFIR tools, scripting…)
• Ability to Observe, Orient, Decide, Act under challenging conditions
• Ability to work in an "on call" status as necessary
• Ability to communicate to a technical and non-technical audience
• Interest to develop a culture of trust and growth-mindset within our team
• Seize the freedom to define your future and ours – we’ll empower you to take risks, experiment and explore
• Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong
• Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress
• Take pride in delivering our promise to society: to improve the lives of a billion smokers
- subsidized meals in company canteens
- remote work opportunity and flexible working arrangements
- employee pension plan
- multisport program
- holiday, cultural & Christmas bonus
- wide range of trainings, optional language classes, further education and professional qualification support possibility
- free bike and car parking for all employees
PMI SCE was established in late 2005 in Krakow and since then is increasingly serving PMI affiliates’ financial accounting, human resources (HR), Procurement and Information Services (IT) needs in Europe, Middle East and Africa.
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.
PMI’s journey to a smoke-free future is fueled by technology.
The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.
Join us in this role to take part in the formation of an international team of senior incident responders in one of the following locations: Buenos Aires ; Krakow – Poland ; Tokyo – Japan ; Seoul – Korea.
The mission
The mission of the Sr. InfoSec Engineer Incident Response is to lead preparation and response to Cyber Security Incidents.The Sr. InfoSec Engineer Incident Response, is part of PMI’s global CSIRT team and is involved in the management and investigation of Security Incidents that are related, but not limited to, Operational data, Intellectual property, Employee Information and Customer/Partner data.
The Sr. Infosec Engineer's primary role is to manage the reported incidents in the investigation process. Understanding of the breach vectors and the exposure, while leading the creation and execution of remediation plans for different levels of incident severity, and by cross-functional partnerships with IT and business stakeholders and other members of the Infosec Team. This role will also ensure a timely closure of the incident and provide an end to end root cause analysis with supporting documentation.
Your “day to day”
• Lead Incident Response activities following the Cyber Incident Management process (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned). Assembling and driving cross-functional Incident Response teams as needed.• Build and develop close working relationship with other PMI teams involved in Incident Response, Crisis Management, and Continuity management (e.g. Legal, Crisis Mgt, Privacy, Markets, other IT and InfoSec teams).
• Develop, maintain, and train other PMI teams on comprehensive incident response activities and plans; Run incident tabletop exercises with relevant stakeholders on regular basis.
• Collaborate with the Cyber Threat Intelligence team to evolve team towards Threat Intel. Driven Incident Response.
• Participate in the continuous improvement of procedures and playbooks to optimize analysis and response activities and cover new use cases, in collaboration with our SOC and Threat Defense Operations teams.
Who we’re looking for
• 2+ years previous experience in an incident response team in a senior role• Experience assembling and leading incident response teams/taskforces (plan, brief, execute, debrief)
• Experience analyzing breach vectors while leading creation and execution of containment, eradication & recovery plans
• Experience writing incident reports and present them to leadership at different levels
• Advanced understanding of Information Systems (e.g. SysAdmin level)
• Advanced understanding of IaaS and SaaS solutions (e.g. AWS, Azure, Salesforce…)
• Hands-on experience of Security tools (e.g. SIEM, DFIR tools, scripting…)
• Ability to Observe, Orient, Decide, Act under challenging conditions
• Ability to work in an "on call" status as necessary
• Ability to communicate to a technical and non-technical audience
• Interest to develop a culture of trust and growth-mindset within our team
What we offer
Our success depends on the men and women who come to work every single day with a sense of purpose and an appetite for progress. Join PMI and you too can:• Seize the freedom to define your future and ours – we’ll empower you to take risks, experiment and explore
• Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong
• Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress
• Take pride in delivering our promise to society: to improve the lives of a billion smokers
WE OFFER
- private medical and dental care, life insurance- subsidized meals in company canteens
- remote work opportunity and flexible working arrangements
- employee pension plan
- multisport program
- holiday, cultural & Christmas bonus
- wide range of trainings, optional language classes, further education and professional qualification support possibility
- free bike and car parking for all employees
JOIN A GLOBAL MARKET LEADER
Philip Morris International Inc. (PMI) is the leading international tobacco company, with seven of the world’s top 15 brands, including the number one cigarette brand worldwide. PMI’s products are sold in more than 180 Markets.PMI SCE was established in late 2005 in Krakow and since then is increasingly serving PMI affiliates’ financial accounting, human resources (HR), Procurement and Information Services (IT) needs in Europe, Middle East and Africa.
APPLY ON-LINE IN ENGLISH
Please note that only on-line applications will be taken into consideration. Only selected candidates will be contacted.

Please note that only on-line applications will be taken into consideration. Only selected candidates will be contacted.
