Your Responsibilities
Responding to Incidents:
- Manage and review responses to live incidents, document findings, and implement suitable remediation actions.
- Track problem records related to past incidents through to closure while providing information and guidance to problem management teams.
- Conduct computer and network investigations from start to finish using the available tools and resources.
- Provide expert technical advice and leadership based on a detailed understanding of threat intelligence and its applied use in incident response and forensic investigations.
- Assist in the development of processes, procedures, and documentation related to incident response activities.
- Assist in implementing incident response processes and procedures, working with internal teams and MSPs to restore services promptly and ensure business continuity.
- Provide feedback to SIEM engineers on alerts to ensure proper tuning of SIEM use cases.
Your Qualifications
- Bachelor’s degree or higher in computer science, management information systems or related field or significant industry experience required.
- Certification in one or more of the following: CISSP, CISM, EnCE, CEH, GCFA, GCFE, or GCIH.
- Minimum of 7 years of experience in incident response or other related security functions.
- Linux/Unix technical experience, including system build and configuration, administration, troubleshooting, and/or forensic and incident response work.
- Expertise with SIEM technologies such as (but not limited to) Splunk, QRadar, ArcSight, and Sentinel.
- Expertise with ServiceNow.
- Experience with software/services such as Microsoft Defender, Microsoft Defender AV, Symantec Endpoint Protection, Zscaler, Bluecoat, Symantec WSS, Tenable, Armis, Illumio, Cisco Kenna, and Cisco Hypershield.
- Technical skills to investigate incidents from start to finish using a wide variety of available tools and resources.
- Experience with malware analysis and an understanding of attack techniques.
- Experience interpreting, searching, and manipulating data within enterprise logging solutions.
- Experience working with network, host, and user activity data, and identifying anomalies.
- Business and technical acumen.
- Problem solving skills combined with critical and analytical thinking.
Your Benefits
- Flexible working hours, remote work possible (up to 60%)
- 30 days of holidays per year
- Modern office and an inspiring working environment
- Employee restaurant with live cooking and healthy food (subsidized)
- Public transport ticket (100 % subsidized) or free parking space
- Company sport groups and an in-house company gym
- Employee Assistance Program to support your health, mental and emotional well-being
- A comprehensive company pension scheme
- Company medical officer and vaccination offers
- Childcare through our ‘Buttje&Deern’ partner
- Bike leasing