Security Incident Responder

(f/m)

Located in Romania (Bucharest)

Looking for your next career challenge?

You’ve found it!

Come join us and take your career to the next REVELSI!

ABOUT REVELSI

REVELSI is a tech innovation company with a clear vision and motivated minds that will help organizations worldwide to keep up the pace with the technology revolution that shows no signs of slowing down. Our goal is to help customers join the digital era and become technology-driven organizations by facilitating their journey from idea generation to the continuous deployment of solutions, platforms and technologies.

REVELSI TEAM

Our team is growing and we are looking for a new colleague to join us. We are a team that is vibing the Silicon Valley mindset, we like to share a coffee and good jokes in between meetings. We are in the midst of our expansion and we are looking for a team player with specialized skills to join our tech gurus, network designers, cybersecurity experts, software developers and IT managers. You will have the opportunity to work with dedicated IT (Security) professionals and to develop new capabilities while also having fun. We are a young and dynamic team that enjoys challenges and we are facing them with courage and enthusiasm.

YOUR IMPACT

You will be responsible for identifying, analyzing, and responding to security incidents within our organization, ensuring a swift and effective resolution. This role requires a deep understanding of cybersecurity principles, incident response procedures, and the ability to handle and mitigate security threats effectively.

YOUR DAY-TO-DAY

• Constantly monitor security tools to identify security incidents and anomalies.
• Conduct in-depth analysis of security events to determine the scope, severity, and potential impact of incidents.
• Develop and execute incident response plans to address security threats promptly and effectively.
• Coordinate with relevant teams to contain and mitigate security incidents.
• Conduct post-incident analysis to identify the root cause and implement measures to prevent future occurrences.
• Document incident details, actions taken, and resolutions for future reference and analysis.
• Generate detailed incident reports for management and stakeholders, outlining incident details, impact, and remediation steps.
• Collaborate with cross-functional teams to ensure a cohesive response to security incidents.
• Communicate effectively with internal stakeholders and external partners regarding incident updates and resolution progress.
• Work according to established security procedures, incident response plan, and compliance requirements.
• Maintain clear documentation and facilitate smooth transition during shift handovers.
• Providing mentorship and guidance in incident response procedures and best practices to new SOC analysts.
• Proficiency in conducting advanced log queries for incident investigations.
• Create monitoring dashboards, detections to increase the protection coverage.
• Using SIEMs, like Sentinel, Splunk to efficiently respond to incidents and proactively mitigate any security risks.
• Ensure adherence to established procedures, templates and workflows by colleague analysts, fostering a cohesive and consistent approach to incident handling.

QUALIFICATIONS

• Bachelor’s Degree, or an equivalent combination of formal education and experience in technical field. A Master's degree is often preferred.
• Minimum one and a half (1.5) year of experience in cybersecurity roles is required with a focus on incident response.
• Minimum one (1) year of experience with a ticketing system platform.
• Must be available for working on-call.
• Must have strong analytical and organizational skills.
• KQL and Splunk query language experience is required.
• Excellent English skills, especially in writing and comprehension is mandatory.
• Experience in conducting post-incident analysis and implementing security measures.
• Relevant certifications (e.g., Certified Incident Handler (GCIH), AZ-900, Security+, CyberOps Associate, CCNA, CySA+) are a plus.

YOUR SKILLS AND KNOWLEDGE

• Problem solving with keen attention to detail.
• Proactive mindset and a curiosity-driven approach to challenges.
• Cybersecurity attacks and defense techniques.
• Cybersecurity endpoint protection solutions.
• Good understanding of networking principles and cybersecurity technologies.
• Deep understanding of cybersecurity kill chain and principles (PICERL).
• In-depth knowledge of various cybersecurity attack types and defense strategies.
• Understanding of networking protocols, traffic analysis, and packet capture.
• Scripting and programming languages (e.g., Python, PowerShell).
• Malware analysis and forensic tools.
• YARA Rules for malware recognition is a nice to have.
• Experience with cybersecurity cloud technologies is nice to have.
• Proficiency in using security tools such as SIEM system, IDS/IPS, EDR solutions, and other relevant security technologies is a nice to have.
• Proficiency in working according to established procedures and workflows.
• Open-minded and collaborative communication skills.

WORK SCHEDULE

• Day Shift: 10:00 – 19:00
• US Business Hours Shift: 13:00– 22:00
• 1 hour lunch break

WE VALUE OUR EMPLOYEES

At REVELSI, we focus on ensuring you a benefit package that will take care of your health, wealth and well-being.

● Private Healthcare at Regina Maria

● Medical Assurance at Signal Iduna

● Private dental services: exclusive benefits at Life Dental Spa clinics

● Meal tickets

● Referral Bonus

● Training and growth opportunities

● Team buildings

● Revel welcome pack (branded backpack agenda & pen)

● Pizza day at the office and free drinks

● Christmas/Easter gifts

● 21 days of PTO per year and additional days off based on your seniority in Revel (2 additional days will be added to your total number of days off after every 2 years in the company, until you will reach a maximum of 25 days off);

Every day is an opportunity to grow and go beyond our limits! Our team believes in taking on challenges and conquering them together. It’s amazing to think what we can accomplish together! Equal Opportunity Employment: REVELSI is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.