Cyber Security Specialist - Tier 3

The Cyber Defence Center in IT Relation is expanding and seeking our next team-mate who wants to participate in our endeavor towards securing and raising our customers Cyber Threat defences and actively responding to alerts and incidents. Are you ready to join forces and fight the bad guys, as one of our new Cyber Security Specialist?

You will be part of our Cyber Defence Center team with focused specialists, responsible for rapid detection and handling of Cyber Security related events, alerts, and indicators. We perform SIEM/IDPS (amongst others) monitoring, visitation and triaging, incident response, Cyber Threat Intelligence, Vulnerability Scanning and Management, as well as performing advisories on threats, security posture analysis and more, internally and for customers.

We’re an accredited TF-CSIRT team under Trusted Introducer and a renowned team with a high focus on best practices, documentation, and usage of industry standards in regards with frameworks, maturity models et al.

About the job

As one of our new Cyber Security Specialist you will be part of our third line/tier 3, responsible for evaluating and investigating escalated security incidents and alerts. You will be responsible for advising on attack remediations by collecting data for further analysis and evaluation as well for performing forensics to identify the root cause, IOCs and for developing containment- and eradication plans. A part of being in our third line is as well being part of our Cyber Security Incident Response Team as the Cyber Security Expert and to some extent sidekick for the Incident Management.

You will take part in developing and maintaining our playbook- and use case catalogue and sharing the knowledge with tier 1 and 2. You will take part in our proactive work to seek out weaknesses and hunt for threats, as well as ensuring a continuous development in our capabilities.

You will take part in analyzing, debugging, and improving our event sources, collaborating with the rest of the team and vendors as part of the continuous evolution of the capabilities and services. Furthermore, a significant portion of your workday will be working in collaboration with the team on the maturing and strategic goals appointed.

We are a highly specialized team focusing on Cyber Security, and as part of your job, you will participate in the enablement of your skillset by attending relevant webinars, presentations, conferences, continuous learning, and certifications.

When we’re not fighting the bad guys in Incident Responses, you can challenge yourself in other areas of our Cyber Defence Center. If you are passionate about DevOps, Countermeasures, Detection Engineering, or other areas, you can work across different fields and technologies in our Cyber Defence Center team.

What will be your responsibilities

• Proactively seek out weaknesses and perform threat hunting across our systems and customers
• Analyze, research, and perform forensics, evidence-collection, timeline-analysis, reporting on Security Incidents
• Participate in Incident Response
• Participate in Threat Intelligence and customer advisories
• Participate continuous development and maturity of our team

About you and your skillset

• You are service minded and a team-player
• You are structured, detail-oriented and put an honor in the quality of your work
• You can communicate your professional knowledge to end-users as well as experts
• You are self-driven and solution-oriented
• You have worked a minimum of 4 years in an IT Security function
• You have a profound working experience in analyzing, researching, and performing forensics on Security Incidents in a SOC, CSIRT/CERT or similar
• You have relevant security certifications, e.g., CISSP, CEH, eLearn Security, SANS, and other trainings
• You have a deep knowledge in Enterprise System Administration for Microsoft Windows and Linux
• You have knowledge in the Cloud-space and Microsoft Azure in particular
• You have an excellent understanding in DNS, TCP/IP networks and protocols
• You have an excellent technical analytical skill, a good situational awareness and sense of urgency in the field of cyber security
• You have a good knowledge and experience in process-oriented IT management (e.g., ITIL, ISO 27001)
• You have hands-on experience with threats and risks regarding Cyber Security, and have a working experience with SIEM- and Vulnerability Management technologies
• You have some experience in scripting languages and optionally programming
• You are keen to learn, taking part in trainings and certifications
• You are fluent in English – both spoken and written

Employee benefits

• 5 weeks of holidays
• 5 sick days/year
• Flexible working hours
• iPhone and Lenovo laptop
• Cafeteria flexible spending account (18.000 CZK/year)
• Meal vouchers in amount of 100 CZK/voucher (55 CZK is covered by employer)
• Monthly pension insurance of 3%
• Company assistance towards TAX authorities
• Czech, English and Danish lessons
• Support in your professional and personal growth
• Team event every month (fun activities, snacks and drinks)
• Fresh fruits and vegetables, delicious coffee and tea and soft drinks
• Height adjustable tables
• Pool table, darts, PlayStation 4 Pro and relax zone

#LI-Hybrid

#LI-KAZAJ