Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Our client, a major organization in the critical infrastructure and transport sector, is seeking a CSIRT Officer to join their Cybersecurity Center of Excellence for a mission running until the end of 2027.
In this role, you’ll play a key part in protecting the organization’s IT, OT, and IoT environments by detecting, investigating, and responding to cybersecurity incidents. Working closely with SOC and CSIRT teams, internal stakeholders, and external partners, you’ll help strengthen the organization’s overall security posture and resilience.
What You’ll Do
- Incident Handling & Response: Investigate and respond to high-severity incidents such as malware infections, network intrusions, and data breaches. Conduct forensic analysis and implement robust incident response plans.
- Threat Detection & Hunting: Proactively identify threats and vulnerabilities using SIEM tools, detection frameworks, and threat hunting techniques. Collaborate with third-party SOC teams to contain and mitigate risks.
- SIEM Engineering: Develop, maintain, and optimize SIEM systems. Create MITRE ATT&CK-based detection rules and playbooks, and automate responses to enhance efficiency.
- Security Projects: Contribute to ongoing cybersecurity initiatives such as new platform rollouts, automation, and control improvements.
What We’re Looking For
- Strong analytical and problem-solving mindset.
- Proven expertise with security technologies and tools such as SIEM (Sentinel), EDR, firewalls, and intrusion detection/prevention systems.
- Solid experience in incident response, forensics, malware analysis, and threat hunting.
- Good understanding of networking protocols, operating systems, cloud security concepts, and critical infrastructure environments (SAP knowledge is a plus).
- Experience with SOC engineering, identifying detection gaps, and automating alert handling.
- Customer-oriented, collaborative, and able to navigate complex organizational environments.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
- 5-10+ years of experience in a security-related role with focus on incident response and analysis.
- Certifications such as GCIH, GCFE, GCFA, GNFA, GCIA, or GREM are a strong plus.
- Fluent in English (written and spoken).
Key Skills
Ranked by relevanceReady to apply?
Join Harvey Nash and take your career to the next level!
Application takes less than 5 minutes