Cyber Security Analyst

Who we are

We are currently looking to hire Security Analysts to join our Global Cybersecurity Team.

1.   Tier 1 - Alert Investigator with experience in working in or with a SOC, specialized in reviewing the incident alerts, scanning for vulnerabilities, reviewing assessment reports, and overview the security monitoring. 

2.   Tier 2 - Incident Responder with experience in working in or with a SOC, specialized in leveraging detection platforms, endpoint data and network equipment, in generating incident timeline, in gathering evidence from affected systems, in forensics analysis of artefacts, in monitoring networks and/or alarms, in enhancing detection and monitoring platform and incident response processes, ability in set up the strategy for containment, remediation and recovery. 

3.   Tier 3 – Incident Coordinator, Threat Hunter and researcher with experience in working in or with a SOC, similar to Tier 2 analyst but more experienced, being able to conduct complex incident management, advanced forensics and threat hunting, malware research and threat intelligence attribution activities. 

What you'll be doing

• Work primarily with information security technologies and processes 
• Assist engineers in solution designs in relation with various aspects of information security technologies, processes, and requirements 
• Conduct monitoring, operations, and control tasks regarding Security Operations Center (SOC) activities 
• Perform incident management activities 
• Performs vulnerability testing, risk analyses and security assessments 
• Investigate threats, conduct forensic investigations, and mount incident responses, triage security alerts, incidents 
• Develop automation processes to handle SOC and CSIRT related activities 
• Research, plan, and design robust security architectures for various IT infrastructures based on internationally recognized standards and best security practices 
• Assistance of technical experts within operational teams 
• Deliver technical reports and formal advisory papers on SOC/CSIRT and forensics activities 
• Contributes to security best practices, ISO or NIST compliance and new security standards. 
• Assists in security training and awareness activities 
• Attends conferences and trainings as required to maintain proficiency 
• Actively contribute to further developing of the Cybersecurity department 

What you'll bring along

• Minimum of 3-5 years of experience in a similar role
• Master's or Bachelor’s degree in related fields, preferably Engineering, Computer Science, Mathematics areas
• Proven track record of security activities, like investigations, forensics, and incident response 
• In depth knowledge of processes, research, and performance analysis capabilities 
• Negotiation capabilities and problem-solving mindset 
• Understanding the IT service industry as well as the relevant marketplace 
• Effectively drive service development and contribute to development processes 
• Effectively cope with change; comfortably adjust to alterations in work activities; able to decide and act with limited information; effectively handle risk and uncertainty in ambiguous situations 
• Demonstrated resilience, diplomacy, influence, relationship building, and problem-solving skills in a variety of situations 
• Collaborative attitude and able to serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams, Customer oriented behavior 
• Highly effective written and oral communication skills, excellent interpersonal skills and experience dealing effectively with people having different background 
• Fluency in Business English is required, German is an advantage 
• Fast learner - research capabilities for obtaining required information 
• Proven experience in the following: 
• Incident Response (Threat Hunting, Malware Analysis, Forensics, Incident Handling) 
• Be hands on familiar with IR toolsets and investigation techniques on both Windows and GNU/Linux Operating Systems 
• In-depth knowledge of operating systems – Windows & Linux, firewalls, HIDS/HIPS & IDS/IPS 
• Strong understanding of computer networks, strong understanding of TCP/IP, DNS, network routing/switching, and network best practices for complex environments 
• Knowledge and experience with proactive threat hunting techniques and procedures 
• Experience in monitoring networks and/or alarms, in enhancing detection and monitoring platform and incident response processes, ability in set up the strategy for containment, remediation and recovery 
• Experience with enterprise level EDR and SIEM platforms
• Experience in detection platforms, endpoint data and network equipment, in generating incident timeline, in gathering evidence from affected systems 
• Skills in security forensics activities, malware reverse engineering and cryptanalysis 
• Experience with OSINT and threat intelligence gathering methods 
• Skills in scripting and programming languages 
• In-depth technical knowledge within following security areas is an advantage: 
• SIEM, SOAR and vulnerability assessments tools and solutions 
• Experience in implementing security solutions, vulnerability testing, risk 
• Security Threat Intelligence, Attribution and Hunting activities 
• CEH, SANS, OSCP, CompTIA or similar certifications represent a big plus 
• Availability for collaborate socially and technically within international teams 

What’s in it for you

✔ New beginnings can be a challenge. We promise a smooth integration and a supportive mentor

✔ Pick your working style: choose from Remote, Hybrid or Office work opportunities

✔ Early bird or night owl? Our projects have different working hours to suit your needs

✔ Nobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms

✔ We want you to stay healthy! Enjoy our Private Health Insurance ⁠– it’s custom-made for you

✔ A clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School

✔ Make the most of our epic parties or themed events – they’re lovingly designed for our people and their families