Cyber Defense Incident Responder (tier 3) – Cyber Security

The Cyber Security organization in IT Relation are expanding and seeking our next team-mate who wants to participate in our endeavor towards securing and raising our customers Cyber Threat defenses and actively responding to alerts and incidents.

Are you ready to join forces and fight the bad guys, as one of our new Cyber Defense Incident Responders?

You will be part of a team with Cyber Security focused specialists, responsible for development, implementation, maintenance, and operation of our specialized SOAR.

We perform SIEM/IDS (amongst others) monitoring, visitation and triaging, incident response, Cyber Threat Intelligence, Vulnerability Scanning and Management, as well as performing advisories on threats, security posture analysis and more, internally and for customers.

About the job

As one of our new Cyber Defense Incident Responders you will be part of our third line/tier 3:

• responsible for evaluating and investigating escalated major security incidents and alerts.
• You will be a consultant and advisor for our team as well as for the customers.
• You will be responsible for advising on attack-remediations by collecting data for further analysis and evaluation, as well for performing forensics to identify the root cause, IOCs and for developing containment- and eradication plans.
• You will take part in developing and maintaining our playbook catalogue and sharing the knowledge with the tier 1 and 2.
• You will take part in our proactive work to seek out weaknesses and hunt for threats, as well as ensuring a continuous development in our capabilities.
• You will take part in analyzing and debugging our event sources, collaborating with the rest of the team and vendors when systems are not working optimally or as part of the continuous evolving of the capabilities and services.
• You will take part of an on-call arrangement, ensuring investigation of escalated prioritized Security Incidents off-hours.
• You will participate in enablement of your skillset by attending relevant webinars, presentations, conferences, continuous learning, and certifications.

As a team, we are responsible for various security areas and there is a high degree of flexibility in being involved more in some of them according to your skillset and preferences.

What will be your main responsibilities

• Proactively seek out weaknesses and perform threat hunting across our systems and customers
• Analyze, research, and perform forensics on Security Incidents
• Participate in Incident Response and on-call arrangement
• Participate in tuning our SOAR/SIEM alerts and capabilities as well as maintain and develop our playbooks

About you and your skillset

• You are service minded and a team-player
• You are structured, detail-oriented and put an honor in the quality of your work
• You can communicate your professional knowledge to end-users as well as experts
• You are self-driven and solution-oriented
• You have worked a minimum of 4 years in an IT Security function
• You have a profound working experience in analyzing, researching, and performing forensics on Security Incidents in a SOC, CSIRT/CERT or similar
• You have relevant security certifications, e.g., CISSP, CEH, eLearn Security, SANS, and other trainings
• You have a deep knowledge in System Administration for Microsoft Windows and Linux
• You have knowledge in the Cloud-space and Microsoft Azure in particular
• You have an excellent understanding in DNS, TCP/IP networks and protocols
• You have an excellent technical analytical skill and a good situational awareness in the field of cyber security
• You have a good knowledge and experience in process-oriented IT management (e.g., ITIL, ISO 27001)
• You have hands-on experience with threats and risks regarding Cyber Security, and have a working experience with SIEM- and Vulnerability Management technologies
• You have experience in scripting languages and optionally programming
• You are keen to learn, taking part in trainings and certifications
• You are fluent in English – both spoken and written

We offer

• A fast-growing IT company with a burning desire to make a difference
• A strong no problem culture that is felt at all levels of the company
• A workplace where you get a great opportunity to develop professionally and personally
• Good collaboration and sparring with skilled colleagues
• A highly passionate management team
• Work-as-an-agile service, here you can freely choose which location you want to associate with, and decide for yourself whether you solve your tasks in the office or remotely
• A workplace where there is a strong focus on strengthening social cohesion

Benefits

• 5 weeks of holidays
• 5 sick days/year
• Flexible working hours
• Hybrid working model
• iPhone and Lenovo laptop
• Cafeteria flexible spending account (18.000 CZK/year)
• Meal vouchers in amount of 100 CZK/voucher (55 CZK is covered by employer)
• Monthly pension insurance of 3%
• Possibility to arrange a Multisport card (as a part of Cafeteria)
• Company assistance towards TAX authorities
• Czech, English and Danish lessons paid by company
• Support in your professional and personal growth
• Socializing events (company parties, team events, Friday's breakfast...)
• Fresh fruits and vegetables, delicious coffee and tea and soft drinks
• Height adjustable tables
• Pool table, darts, PlayStation 4 Pro and relax zone