Cyber Security Specialist - Tier 2

The Cyber Defence Center in IT Relation is expanding and seeking our next team-mate who wants to participate in our endeavor towards securing and raising our customers Cyber Threat defences and actively responding to alerts and incidents. Are you ready to join forces and fight the bad guys, as one of our new Cyber Security Specialist?

You will be part of our Cyber Defence Center team with focused specialists, responsible for rapid detection and handling of Cyber Security related events, alerts, and indicators. We perform SIEM/IDPS (amongst others) monitoring, visitation and triaging, incident response, Cyber Threat Intelligence, Vulnerability Scanning and Management, as well as performing advisories on threats, security posture analysis and more, internally and for customers.

Incident analysis, scope determining, enable eradications and expeditious remediations, as well as escalation management will be part of your day-to-day work, together with a high degree of focus on continuous maturation and development of our team and capabilities, as well as personal training and learning.

We’re an accredited TF-CSIRT team under Trusted Introducer and a renowned team with a high focus on best practices, documentation, and usage of industry standards in regards with frameworks, maturity models et al.

About the job

As one of our new Cyber Security Specialists you will be part of our second line/tier 2, responsible for daily visitation and investigation of incoming escalations of Security Incident, alerts from our frontline analysts. Using our SOAR platform, you will apply existing playbooks, in relation to utilizing your general knowledge, in analyzing the escalated Security Incidents, ensuring the correct prioritization and that the relevant response is performed. For more complex Security Incidents you are responsible for involving our third line/tier 3 investigators and helping in the response. With larger incidents, you will participate in the Incident Response Team analyzing, remediating, and eradicating the adversary/threat actor from the infrastructure, and help the customer back on track as soon as possible.

Participating in our second line/tier 2, you will take part in an on-call arrangement, ensuring investigation of escalated prioritized Security Incidents off-hours.

You will take part in analyzing, debugging, and improving our event sources, collaborating with the rest of the team and vendors as part of the continuous evolution of the capabilities and services. Furthermore, a significant portion of your workday will be working in collaboration with the team on the maturing and strategic goals appointed.

We are a highly specialized team focusing on Cyber Security, and as part of your job, you will participate in the enablement of your skillset by attending relevant webinars, presentations, conferences, continuous learning, and certifications.

What will be your responsibilities

• Daily visitation of escalations, triaging, investigating/analyzing, and performing eradication and remediation for Security Incidents
• Participate in Threat Intelligence and customer advisories
• Participate in Incident Response and on-call arrangement
• Participate continuous development and maturity of our team

What do you need for this role?

• You have worked a minimum of 2 years in an IT Security function
• You have working experience analyzing security alerts/assessments in a SOC, CSIRT or similar
• You have knowledge in Enterprise System Administration for Microsoft Windows and Linux
• You have knowledge in the Cloud-space and Microsoft Azure in particular
• You have a good understanding in TCP/IP networks and protocols
• You have knowledge about threats and risks regarding Cyber Security, and have a good understanding of SIEM- and Vulnerability Management technologies
• It is your advantage if you have:
  • relevant security certifications (e.g., Security+, SC-200, CEH, eLearn Security)
  • knowledge in process-oriented IT management (e.g., ITIL, ISO 27001)
  
  
• You are keen to learn, taking part in trainings and certifications
• You are fluent in English – both spoken and written
• You are service minded and a team-player
• You are structured, detail-oriented and put an honor in the quality of your work
• You can communicate your professional knowledge to end-users, boards, as well as experts
• You are self-driven and solution-oriented

Employee benefits

• 5 weeks of holidays
• 5 sick days/year
• Flexible working hours
• iPhone and Lenovo laptop
• Cafeteria flexible spending account (18.000 CZK/year)
• Meal vouchers in amount of 100 CZK/voucher (55 CZK is covered by employer)
• Monthly pension insurance of 3%
• Company assistance towards TAX authorities
• Czech, English and Danish lessons
• Support in your professional and personal growth
• Team event every month (fun activities, snacks and drinks)
• Fresh fruits and vegetables, delicious coffee and tea and soft drinks
• Height adjustable tables
• Pool table, darts, PlayStation 4 Pro and relax zone

#LI-Hybrid

#LI-KAZAJ