Bring more to life.

At Danaher, our work saves lives. And each of us plays a part. Fueled by our culture of continuous improvement, we turn ideas into impact – innovating at the speed of life.

Our 63,000+ associates work across the globe at more than 15 unique businesses within life sciences, diagnostics, and biotechnology.

Are you ready to accelerate your potential and make a real difference? At Danaher, you can build an incredible career at a leading science and technology company, where we’re committed to hiring and developing from within. You’ll thrive in a culture of belonging where you and your unique viewpoint matter.

Learn about the Danaher Business System which makes everything possible.

Our global cybersecurity group—Danaher Information Security (DIS)—is expanding into Europe.  This strategic growth includes the launch of a 24/7 cybersecurity capability in Kraków, enabling global coverage and operational resilience across our enterprise through continuous improvement.

Advance your career by shaping global cybersecurity strategy and defending Danaher’s enterprise through leadership, innovation, and collaboration. As a key contributor in our cybersecurity organization, you will drive enterprise-wide initiatives that span threat intelligence, data governance, and manufacturing resilience—ensuring protection across our global footprint.

Positioned within the Kraków technology delivery centre, this role is an exciting opportunity to join a growing engineering and operations team dedicated to defending Danaher’s businesses.  You’ll engage in deploying leading security technologies, responding to threats in real time, and shaping the future of our cybersecurity posture.

The Senior Engineer, Incident Response is responsible for helping protect Danaher’s assets and data through cybersecurity event investigation and response. This role is part of a high performing team delivering essential cybersecurity services to our operating companies.    

This position is part of the Danaher Corporate Information Security team, reporting to the Senior Manager, Security Operations. This is a Danaher Corporate role, hosted by our Cytiva operating company in Krakow.   

In this role, you will have the opportunity to:  

• Leads cybersecurity incident response and investigations for moderate to high complexity events. 

• Analyze large and complex technical data sets to identify abnormal user, network, and system activity warranting further investigation using SIEM, EDR, and SOAR tools. 

• Proactively identify security and process gaps and work with colleagues to increasingly gain visibility and implement remediations. 

• Correlate disparate data sources to provide a holistic picture of our threat detection capability, and lead continuous improvement initiatives related to MITRE ATT&CK coverage. 

• Serve as a leader and provides guidance in assisting IT and security personnel in the collection and review of artifacts pertaining to the investigation, including briefing key leaders on technical findings and business impact. 

• Identify Use Cases for implementation in EDR/SIEM to improve detection coverage. 

The essential requirements of the job include:   

• A minimum of 7 years of experience in information technology, with a significant portion devoted to security operations, security engineering, or incident response. 

• Strong understanding of technology concepts such as TCP/IP, DHCP, DNS, authentication, authorization, Microsoft Active Directory and Windows OS architecture, and network traffic control.

• Maintain strong information security knowledge of threat actor tactics, techniques, and procedures to identify potential risks and develop achievable and effective mitigation strategies. 

• Ability to review and determine the functionality of advanced malicious scripts written in python or other common scripting language. 

• Track record for working as an individual contributor and as a member of a matrixed team, with the ability to coach, review, or delegate work to lower-level professionals and lead through influence.

It would be a plus if you also possess previous experience in:  

• Bachelor’s degree in a related field or equivalent work experience. 

• Previous experience in large global complex environments. 

• Prior experience in disk forensics, memory forensics, and/or cloud response.  

• Prior experience working with a Security Operations Center or Managed Security Services Provider (MSSP) to implement and enhance threat detection and response capability.

• Specialized industry certifications such as CISSP, GIAC GSEC, GIAC GCIH and GIAC GREM.