Cybersecurity Incident Responder

Antal International
30 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Tech stack

Computer Security
Intrusion Detection Systems
QRadar
Information Technology
FireEye
Splunk

Job description

Required clearance: EU secret. The process to get the clearance can be started at the beginning of the mission.

Activities:

  • Collect intrusion artefacts and use discovered data to enable mitigation of potential cyber defence incidents
  • Coordinate and perform incident response functions and forensic investigation
  • Receive and analyze network alerts from various sources - Splunk, QRadar, FireEye EDR, IDS
  • Defining and carrying out containment measures, eradication measures and recovery measures
  • Provide technical assistance to all stakeholders
  • Post-mortem identification of lessons learned and recommendations to improve security controls such as mitigating the risk of re-occurrence
  • Improving documentation and procedures
  • Interfacing with other experts
  • Secure handling, analysis and exchange of cyber security information with relevant stakeholders and trusted partners
  • Technology and security watch

Requirements

Seniority: Bachelor Degree in Computer Science or Information Technology complemented by 3 years of professional practice in a specific Cyber Security domain, or Secondary Education complemented by 9 years of professional practice in a specific Cyber Security domain and supported by at least 2 relevant professional certifications

Experience of 3 years in:

  • Collect intrusion artefacts and use discovered data to enable mitigation of potential cyber defence incidents
  • Coordinate and perform incident response functions and forensic investigation
  • Receive and analyse network alerts from various sources - Splunk, QRadar, FireEye EDR, IDS
  • Defining and carrying out containment measures, eradication measures and recovery measures
  • Post-mortem identification of lessons learned and recommendations to improve security controls such as mitigating the risk of re-occurrence
  • Improving documentation and procedures

The following are a plus:

Certifications in cyber security, such as CISSP (Certified Information Systems Security Professional), GCIH or GIAC/GCIM

Certification in IT Service Management.
