Cyber Security Analyst – Cyber Defence Center

The Cyber Defence Center in itm8 is expanding and seeking our next team-mate who wants to participate in our endeavor towards securing and raising our customers Cyber Threat defences and actively responding to alerts and incidents. Are you ready to join forces and fight the bad guys, as one of our new Cyber Security Analysts?

You will be part of our Cyber Defence Center team with focused specialists, responsible for rapid detection and handling of Cyber Security related events, alerts, and indicators. We perform SIEM/IDPS (amongst others) monitoring, visitation and triaging, incident response, Cyber Threat Intelligence, Vulnerability Scanning and Management, as well as performing advisories on threats, security posture analysis and more, internally and for customers.

Incident analysis, scope determining, enable eradications and expeditious remediations, as well as escalation management will be part of your day-to-day work, together with a high degree of focus on continuous maturation and development of our team and capabilities, as well as personal training and learning.

We’re an accredited TF-CSIRT team under Trusted Introducer and a renowned team with a high focus on best practices, documentation, and usage of industry standards in regards with frameworks, maturity models et al.

About the job

As one of our new Cyber Security Analysts you will be part of our Security Operations, responsible for daily visitation and investigation of incoming escalations of Security Incident, alerts from our frontline analysts and performed proactive hunts. Using our SOAR platform, you will apply existing playbooks, as well as utilizing your knowledge, in analyzing the escalated Security Incidents, ensuring the correct prioritization, categorization and that the relevant response is performed. For more complex Security Incidents you are responsible for involving our CSIRT investigators and taking part in the response. With larger incidents, you will participate in the Incident Response Team analyzing, remediating, and eradicating the adversary/threat actor from the infrastructure, and help the customer back on track as soon as possible.

Participating in our Security Operations, you will take part in an on-call arrangement, ensuring investigation of escalated prioritized Security Incidents outside of normal hours.
You will take part in analyzing, debugging, and improving our event sources, collaborating with the rest of the team and vendors as part of the continuous evolution of the capabilities and services. Furthermore, a significant portion of your workday will be working in collaboration with the team on the maturing and strategic goals appointed.

We are a highly specialized team focusing on Cyber Security, and as part of your job, you will participate in the enablement of your skillset by attending relevant webinars, presentations, conferences, continuous learning, and certifications.

What will be your responsibilities

• Daily visitation of escalations, triaging, investigating/analyzing, and performing eradication and remediation for Security Incidents
• Participate in Threat Intelligence and customer advisories
• Participate in Incident Response and on-call arrangement
• Participate in continuous development and maturity of our team

About you and your skillset

• You are service minded and a team-player
• You are structured, detail-oriented and put an honor in the quality of your work
• You can communicate your professional knowledge to end-users, boards, as well as experts
• You are self-driven and solution-oriented
• You have worked a minimum of 2 years in an IT Security function
• You have working experience analyzing security alerts/assessments in a SOC, CSIRT or similar
• You might have relevant security certifications (e.g., Security+, SC-200, CEH, GSOC, GCED)
• You have knowledge in Enterprise System Administration for Microsoft Windows and Linux
• You have knowledge in the Cloud-space and Microsoft Azure in particular
• You have a good understanding of TCP/IP networks and protocols
• You have a good technical analytical skill, a good situational awareness and sense of urgency in the field of cyber security
• You have knowledge in process-oriented IT management (e.g., ITIL, ISO 27001)
• You have knowledge about threats and risks regarding Cyber Security, and have a good understanding of SIEM- and Vulnerability Management technologies
• You are keen to learn, taking part in trainings and certifications
• You are fluent in English – both spoken and written

Employee benefits:

• 5 weeks of holidays
• 5 sick days/year
• Flexible working hours
• Hybrid working model
• iPhone and Lenovo laptop
• Cafeteria flexible spending account (CZK 18,000/year)
• Meal vouchers in amount of CZK 100/voucher (CZK 55 is covered by the employer)
• Monthly pension insurance of 3%
• Possibility to arrange a Multisport card
• Company assistance towards TAX authorities
• Czech and English lessons paid by the company
• Support in your professional and personal growth
• Social events (company parties, monthly company bars, weekly breakfasts...)
• Fresh fruit, delicious coffee, tea and soft drinks
• Stand up desks
• Pool table, darts, PlayStation 4 Pro and relax zone

Welcome to ITM8 and the Cyber Defence Center Team
Over the past few years, our company, itm8, has experienced tremendous growth, and we expect it to continue. The growth is both organic and through acquisitions. We currently have 1,700+ colleagues who recently merged in one company from 13 different brands and are spread across 4 countries: Denmark, Sweden, the Czech Republic, and the Philippines.

We look forward to welcoming our new Cyber Security Analyst to the ITM8 family!

#LI-Hybrid

#LI-LUKOC