Job description
Incident Response Specialist
Do you thrive under pressure and have a knack for solving complex problems? Are you passionate about cybersecurity and keeping organizations safe? If so, then this Incident Response Specialist role is for you!
In this critical role, you will be the frontline defender in our fight against cyber threats. You will be responsible for identifying, investigating, and containing security incidents to minimize damage and ensure business continuity.
Responsibilities:
- Incident Detection and Triage:
- Collect and correlate information from various sources to identify potential security incidents.
- Assess incoming incident reports and efficiently prioritize them.
- Acknowledge alerts and communicate effectively with incident reporters.
- Confirm and classify incidents based on severity and type.
- Incident Response Management:
- Open incidents in the workflow system, identify stakeholders, and notify them promptly.
- Assign cases to the appropriate incident handlers and initiate the response process.
- Oversee ongoing analysis activities (forensics or reverse engineering) to build a comprehensive understanding of the incident.
- Maintain and share comprehensive incident documentation, including attack maps, timelines, and situational reports.
- Define and present response strategies to management for approval, encompassing identification, data collection, containment, eradication, and recovery.
- Implement containment, eradication, and recovery measures to minimize damage and restore normalcy.
- Collaboration and Communication:
- Provide technical assistance to all stakeholders involved in the incident response process.
- Coordinate incident response activities across various teams.
- Participate in cyber-crisis management and coordination, including preparing action plans, drafting reports, and arranging meetings.
- Communicate effectively with internal and external stakeholders throughout the incident response lifecycle.
- Continuous Improvement:
- Contribute to the continuous improvement of incident response plans and playbooks.
- Identify and implement measures to prevent future incidents.
- Conduct post-mortem analysis to identify lessons learned and recommend security control improvements.
- Maintain and enhance the standard incident response toolkit.
- Feed threat intelligence systems with extracted indicators of compromise.
- Collaborate with other security professionals to stay informed about the latest threats and vulnerabilities.
- Reporting and Awareness:
- Draft incident reports tailored for both management and technical audiences.
- Generate activity reports to demonstrate service level agreements (SLAs) and service quality.
- Contribute to security awareness training programs within the organization.
Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- Strong understanding of security concepts, frameworks, and methodologies (e.g., NIST CSF, CIS Controls)
- Experience with security incident response processes and best practices
- Excellent analytical and problem-solving skills
- Experience with incident response tools and technologies (e.g., SIEM, SOAR)
- Strong written and verbal communication skills
- Ability to work effectively under pressure and in fast-paced environments
- Excellent teamwork and collaboration skills
Benefits:
- Competitive salary and benefits package
- Opportunity to work in a dynamic and challenging environment
- Make a real difference in protecting the organization from cyber threats
- Continuous learning and development opportunities
To Apply, EU citizenship is required!
