Job details

Incident Response Coordinator

Salary: confidential
Salaries for similar positions: 1675 - 1850 EUR/month
Bucharest; partially remote job
Full time; 1 position

As an Incident Response Coordinator, you will act as the first responder for cyber-security incidents identified through different channels.

You will work with different technologies & tools and interact with other teams and third-party providers.

Who you are:

  • Act as the first responder for cyber-security incidents identified through different channels.
  • Investigate cases such as, but not limited to: malware, cyberattack, APT, security breaches.
  • Understand and identify indicators of attack and indicators of compromise.
  • Investigate root cause of complex security incidents.
  • Analyze incident data from threat analytics tools.
  • Coordinate a response to the security incident with other internal teams and vendors.
  • Develop, document and implement runbooks, capabilities and techniques for Incident Response.
  • Develop reactive measures using automation tools (SOAR).
  • Perform security triage and analysis / threat hunting on endpoint, server and network infrastructure.
  • Perform activities necessary for immediate containment and short-term resolution of incidents.
  • Collect, preserve and process volatile information and evidence needed to conduct highly confidential forensic investigations.
  • Ensure forensic investigation and incident response procedures comply with standard operating procedures, processes, policies, guidelines and forensics best practices.
  • Examine and analyze security events or incidents and investigate significant issues related to technology infrastructure.
  • Coordinate or provide recommendations for containment and remediation steps until security incident closure.
  • Prepare detailed written reports that document the incident timeline and circumstances, present forensic evidence to varied audiences and offer expert opinions. Communicate investigation results and findings for administrative or legal purposes to internal stakeholders, senior management, auditors etc.
  • Lead efforts to refine incident response and forensics methodologies, optimize related processes and procedures.
  • Coach and advise teams on effective security practices, procedures and technical countermeasures to reduce risk.

What you know and what you will be working with:

  • Experience in Security Incident Response with operational security experience (Indicator of Attack / Indicator of Compromise deep investigation, Malware Analysis, Threat Analytics, Threat Intelligence etc.)
  • Experience in Network Security Administration and/or Systems Administration (Windows Server and Active Directory)
  • Experience with various EDR solutions
  • You have knowledge of various query languages for SIEM
  • Cloud experience with any of the major cloud providers, including cloud security
  • Ability to manage complex incident response situations with a focus on deep technical troubleshooting
  • You have knowledge of Linux and Windows server systems and hardening methodology
  • You have networking knowledge (TCP/IP, routing protocols etc.) and troubleshooting skills
  • You have knowledge of virtualization concepts and solutions
  • You have basic knowledge of scripting (any of bash, Python, PowerShell)
  • You graduated from a faculty such as Electronics, Telecommunications and Information Technology, Automatic Control and Computer Science, Cybernetics
  • You have IT industry certifications (SANS GCIH, CISSP, CEH, OSCP etc.)
  • You show analytical thinking and attention to detail, gained by participating in different projects and activities, either curricular or extra-curricular
  • You are able to work comfortably in a fast-changing environment on interesting technical challenges
  • You are all about sharing and collaboration with your teammates
  • You are perceived as an expert in your area of competence

Working language(s):  Romanian and English

Education:

  • You graduated from a faculty such as Electronics, Telecommunications and Information Technology, Automatic Control and Computer Science, Cybernetics

Thank you for applying!

Benefits offered

Medical
Development
Responds quickly

GBA is a privately owned Romanian company operating in the field of information technology, with the following main areas of activity:

  • IT consulting
  • design and implementation of complex information systems
  • software development
