Senior Cyber Incident Response Engineer (CSIRT)

Atos Group is a global leader in digital transformation with c. 67,000 employees and annual revenue of c. €10 billion, operating in 61 countries under two brands - Atos for services and Eviden for products. European number one in cybersecurity, cloud and high performance computing, Atos Group is committed to a secure and decarbonized future and provides tailored AI‑powered, end‑to‑end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE is listed on Euronext Paris.

The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Eviden is the Atos Group brand for hardware and software products with c. € 1 billion in revenue, operating in 36 countries and comprising four business units: advanced computing, cybersecurity products, mission‑critical systems and vision AI. As a next‑generation technology leader, Eviden offers a unique combination of hardware and software technologies for businesses, public sector and defense organizations and research institutions, helping them to create value out of their data. Bringing together more than 4,500 world‑class talents and holding more than 2,100 patents, Eviden provides a strong portfolio of innovative and eco‑efficient solutions in AI, computing, security, data and applications.

Information Security practitioners: system and/or network administrators, forensic investigators, penetration testers, malware analysts, and threat hunters to join Eviden CSIRT (Computer Security Incident Response Team) – part of the Cybersecurity Service.

We're searching for professionals with proven experience in any of the above roles and a genuine passion for information security.

You’ll be part of a 3rd line team, handling complex cases and performing:

• Incident response
• Computer forensics
• Malware analysis
• Pen testing… and more, for Eviden and its global customers.

• World‑class training and certifications (fully financed)
• A flexible work environment
• Opportunities for continuous growth and development

Our CSIRT team delivers a wide range of services: from incident response planning and analysis to emergency response and digital forensics. In case of a breach, we minimize damage, recover compromised data, and preserve evidence for legal action.

• It’s an incident‑driven role
• Work schedule: Monday‑Friday, rotational shifts covering 8 AM – 6 PM
• On‑call duty: one week of phone availability after business hours (round‑robin)
• Location: Bydgoszcz office (fully remote option available)

• Full incident response lifecycle: from preparation to lessons learned and reporting
• Evidence collection in collaboration with users and sysadmins
• Forensic and malware analysis on demand
• Educating users about threats and incident causes
• When not handling incidents: building challenges for teammates and developing tools to support future cases

This is not a strict checklist – if you cover several of these, you’re in the right place:

• Excellent communication skills
• Fluent English (min. B2)
• Memory, filesystem, and network forensics
• Log analysis, SIEM
• Malware reverse engineering
• iOS/Android forensics
• Strong knowledge of Windows and/or Linux/Unix
• Deep understanding of networking and common protocols
• Scripting: Python, Bash, Perl, PowerShell

• GIAC (Forensics, Security Administration)
• OSCP

We take care of your personal data privacy. More information about processing your data within recruitment process you can find on our website: https://eviden.com/privacy-policy/

Nasze przedsiębiorstwo przestrzega zasad ochrony sygnalistów ustanowionych w dedykowanej procedurze zgodnie z ustawą z dnia 14 czerwca 2024 r. o ochronie sygnalistów (Dz.U. z 2024 r. poz. 928), zapewniając wszystkim pracownikom oraz osobom ubiegającym się o zatrudnienie lub świadczenie usług pełną poufność i ochronę w zakresie zgłaszania naruszeń prawa.