Are you interested in working for a stable and progressive global IT company?
Do you know about information security, cyber attacks, incident response, SIEM, etc.?
Can you motivate others and be a role model for your colleagues?
- Continuously develop the Incident Response practice and set high security standards
- Develop colleagues' security-related skills and mindset by sharing knowledge and practices
- Prepare and maintain incident response plans for a range of security incident scenarios
- Research emerging cyber threats, educate people, and improve processes and technology
- Lead medium and major security incident response efforts: planning, organizing and coordinating the work
- Perform digital forensics (multi-platform and network), data acquisition and data analysis, memory forensics and targeted memory capture while preserving data integrity and fidelity, static and dynamic malware analysis, malware reversing, and cyber threat hunt exercises
- Perform security architecture reviews and assessments of the security technology stack (SIEM, EPP, EDR, SEG, SEW, NGFW, NGIPS, AD/AAD, other) to continuously improve breach prevention and detection capabilities.
- Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX.
- Support SIEM content development by proposing incident detection ideas and testing them.
- Passion for information security, a continuous-learning mindset and a problem-solving attitude
- Very good experience in information security incident response management practices (ISIRT/CSIRT) and in crisis management situations.
- Proficiency in:
- leading security incident response activities throughout their lifecycle (including reporting).
- digital forensics (multi-platform, network, memory) and in-depth data acquisition and data analysis (host and network level).
- cyber threat modeling, identification, and assessment techniques.
- Very good experience in cyber threat hunting and red/blue team exercises.
- Very good understanding of:
- Common cyber attack techniques and principles, e.g. MITM, the Cyber Kill Chain and the MITRE ATT&CK framework.
- Security Information and Event Management (SIEM) platforms.
- Threat Intelligence Platform (TIP) and Incident Response Platform (IRP) concepts.
- Intrusion Prevention Systems (host- and network-level IPS) and Next Generation Firewall (NGFW) technology.
- Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) solutions.
- The information security common body of knowledge (e.g. the taxonomy used by ISC2, SANS, ISO 270xx).
- Proficient with programming languages (e.g. Python, Shell, PowerShell, C#) and system administration (to run a forensic lab, malware lab, honeypot network, other).
- Very good reporting skills.
- Permanent contract
- Opportunities for personal and technical development
- Home office option
- Company car, pension plan contribution, long-term sickness insurance
- Employee benefit program + extra week of holiday (25 days/year), self-sickness days, full salary compensation for up to 10 days of absence due to illness, lunch vouchers fully covered by the company
- Multisport card, mobile phone and laptop, fruit days, sports clubs for employees, referral program…