Cyber Threat Engineer - Global Threat Operations

About Level Blue (including Trustwave)

Level Blue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst‑recognized and largest pure‑play managed security services provider, Level Blue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. Following Level Blue’s acquisition of Trustwave, some roles may still appear under the Trustwave or “Trustwave, a Level Blue company” name in legacy systems.

These positions will be a part of Level Blue’s global security organization. Learn more at

A Cyber Threat Engineer is a member of the Threat Detection and Response (TDR) team within Trustwave Managed Security Services (MSS). This team specifically will act as the monitoring and response extension of a Digital Forensics and Incident Response Services (DFIR) team to provide 24/7 monitoring. In addition to possessing technical knowledge, a Threat Engineer interacts extensively with customers and partners using polite professional etiquette and serves as a technical point of escalation within TDR.

POLAND-based required

• Analyze escalated, complex cases involving a pattern of security events from endpoint detection and response technologies.
• Resolve intractable technical problems within managed security solutions as part of a sustained improvement project.
• Create, improve, and document processes for the management and monitoring of security solutions.
• Tune devices for blocking and reporting based on customer business need.
• Baseline threat detection devices for complex and potentially breached customer environments.
• Test and improve endpoint detection, protection, and response policies.
• Take responsibility for customer satisfaction and overall success of managed services.
• Timely respond to questions and concerns of the DFIR and client security teams concerning incident investigation and response.
• Adhere to policies, procedures, and security best practices.
• Resolve problems independently and understand appropriate documentation and escalation procedures.
• Perform rotating on‑call duties (nights/weekend rotations).
• Act as a mentor and escalation point for analysts within the Threat Detection and Response team.

• Cyber investigation and incident handling best practices
• Endpoint Detection and Response
• Unix/Linux and Windows system administration
• Current exploit and remediation techniques
• Threat Hunting and Investigation
• Web Services Administration
• Log collection and analysis tools

• Advanced Palo Alto Cortex XDR
• Intrusion analysis experience
• Incident handling and documentation
• Excellent customer service skills
• Excellent analytical thinking and problem‑solving skills
• Strong oral and written communication skills
• Self‑managed and team oriented
• Deadline and detail oriented
• Highly motivated

• English:
  Demonstrated Fluency

• Intermediate to advanced experience in Information Security related areas
• Certified in Security related Industry, Vendor or Professional Certification- GCIA, GCIH, Security+, OSCP, or CEH preferred.
• Certified in Vendor Specific Incident Handling and Investigation
  
  Certifications:
• Palo Alto Networks Systems Engineer:
  Cortex Associate
• Palo Alto Networks Systems Engineer:
  Cortex Professional
• Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)
• Sentinel One Incident Response
• Crowdstrike Certified Falcon Responder (CCFR)

• A high school diploma or equivalent is required; a college or university degree is a plus.

• contract of employment
• sport card/ co‑financing of vacation
• life insurance
• medical insurance
• lunch card
• annual bonus
• employee assistance program (EAP)
• the employee pension scheme (PPE)

This role is open to candidates legally authorized to work in Poland. At Level Blue, including teams that previously operated as Trust, we support flexible work and bring people together in person for key moments based on role, team, and business needs.

Level Blue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law.

To all agencies:
Please do not contact Level Blue or Trustwave employees outside of the Talent Acquisition team. Level Blue’s policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of Level Blue, and no fee will be paid if a candidate is hired from such a submission.