Ref: 000008_1688376259
Senior Incident Handler - CSIRT
- €55,000 to €65,000 EUR
- Specialist Role
- Skills: SOC, Penetration, Python, Cybersecurity, Incident, Security
- Level: Mid-level
Job description
Senior Incident Handler - CSIRT
000008_1688376259
Join a dedicated team committed to assisting organisations in containing, neutralising, and eradicating cybersecurity threats. With our expertise, we ensure that organisations are well-prepared to handle incidents and conduct thorough post-mortem investigations. We handle a diverse range of incident response engagements, averaging around 70 per year, including forensic investigations and analysis of human-operated ransomware breaches.
The role:
As a Senior Incident Handler, you will play a crucial role in assisting organisations with their security incidents. Your responsibilities will involve conducting host forensics and performing comprehensive log analysis to support incident response engagements. Additionally, you will work towards enhancing our client's incident response preparedness.
Leveraging your extensive experience in incident response, you will develop innovative detection use cases by applying your knowledge of tactics, techniques, and procedures (TTPs). Regular validation of these use cases through purple team engagements will ensure their relevance and effectiveness.
You will also contribute a portion of your time to the development and maintenance of our in-house CSIRT tools and applications, furthering our capabilities in incident response.
Highly collaborative environment, you will have the opportunity to participate in regular training sessions, workshops, and knowledge-sharing activities with clients and colleagues. Moreover, you will have the chance to showcase your work and expertise at prestigious security conventions.
Requirements:
* Prior experience in the field of Cybersecurity - Red/Purple/Blue
* Strong understanding of network protocols (HTTP2/Quic, DoT/DoH, etc.)
* Proficiency in Windows and Linux operating systems.
* Analytical thinking, problem-solving skills, and a passion for parsing and analysing complex logs are essential.
* Familiarity with tools such as Volatility, Log2Timeline, Misp, IntelMQ, Wireshark, Tshark, and Snort is expected, along with experience in debugging Python.
* Understanding the promises and limitations of threat intelligence and the ability to work calmly under pressure and deal with individuals under stress are additional key attributes we seek.
The role:
As a Senior Incident Handler, you will play a crucial role in assisting organisations with their security incidents. Your responsibilities will involve conducting host forensics and performing comprehensive log analysis to support incident response engagements. Additionally, you will work towards enhancing our client's incident response preparedness.
Leveraging your extensive experience in incident response, you will develop innovative detection use cases by applying your knowledge of tactics, techniques, and procedures (TTPs). Regular validation of these use cases through purple team engagements will ensure their relevance and effectiveness.
You will also contribute a portion of your time to the development and maintenance of our in-house CSIRT tools and applications, furthering our capabilities in incident response.
Highly collaborative environment, you will have the opportunity to participate in regular training sessions, workshops, and knowledge-sharing activities with clients and colleagues. Moreover, you will have the chance to showcase your work and expertise at prestigious security conventions.
Requirements:
* Prior experience in the field of Cybersecurity - Red/Purple/Blue
* Strong understanding of network protocols (HTTP2/Quic, DoT/DoH, etc.)
* Proficiency in Windows and Linux operating systems.
* Analytical thinking, problem-solving skills, and a passion for parsing and analysing complex logs are essential.
* Familiarity with tools such as Volatility, Log2Timeline, Misp, IntelMQ, Wireshark, Tshark, and Snort is expected, along with experience in debugging Python.
* Understanding the promises and limitations of threat intelligence and the ability to work calmly under pressure and deal with individuals under stress are additional key attributes we seek.
AWS jobs by location
- AWS Jobs In Australia
- AWS Jobs In Austria
- AWS Jobs In Belgium
- AWS Jobs In Bulgaria
- AWS Jobs In Czech Republic
- AWS Jobs In Denmark
- AWS Jobs In Finland
- AWS Jobs In Germany
- AWS Jobs In Switzerland
- AWS Jobs In Hungary
- AWS Jobs In Ireland
- AWS Jobs In Italy
- AWS Jobs In Luxembourg
- AWS Jobs In Netherlands
- AWS Jobs In Norway
- AWS Jobs In Poland
- AWS Jobs In Romania
- AWS Jobs In Slovakia
- AWS Jobs In South Africa
- AWS Jobs In Sweden
- AWS Jobs In United Kingdom
- AWS Jobs In United States