Cyber Security Incident Responder (m/f/d)

For our client, a global player in the construction industry in Eastern Switzerland, we are looking for a Cyber Security Incident Responder (m/f/d) as soon as possible.

Your tasks:

• Manage and lead the response efforts to complex attacks against the company globally and seek to consistently mature the security incident response processes that are specific to the growing cloud and on-premise environments
• Support forensic investigations and bring to resolution or escalate to appropriate system owners in Global IT and report the outcomes of incident handling to senior management
• Perform threat hunting, write scripts, work also on orchestration and automation
• Propose new detection logic and design, test and automate playbooks for IT, IoT and OT in the target system landscape (including SIEM, SOAR, EDR)
• Manage all stakeholder interactions in a professional manner with a strong emphasis on user satisfaction
• Contribute to the overall performance and success of the SOC function
• Closely collaborate with Cyber Security Engineers and other Cyber Security specialists in the team and with colleagues in IT Operations to improve the overall security posture

Your Qualifications:

• Master’s degree in computer science, information systems, engineering or a related technical discipline related to information security, cyber, or computer network defense
• 5 + years’ experience working in Security Incident Response or related fields
• Proven subject matter expertise in relevant areas, such as threat hunting, intrusion analysis, malware analysis, cyber threat intelligence or security engineering
• Strong analytical and problem-solving skills paired with excellent interpersonal and communication skills and knowledge of MITRE and SANS incident response frameworks and best practices
• Hand-on experience in SIEM/XDR/SOAR/TIP/EDR, NTA platforms
• Two or more of the following: CISSP, GCIH, GSEC, FOR EC-Council’s Certified Incident Handler (ECIH), SEI Computer Security Incident Handler (CSIH)
• Very comfortable in scripting languages (Python, JavaScript, PHP)
• Familiarity with multi cloud environments as well as experience in conducting penetration testing

What we offer:

• Unique, modern workplace
• Creative team
• Opportunities for personal development
• Company canteen with a large selection
• Sports offers
• Child care
• Personal and reliable support and advice
• Extensive and professional support in the application process

If you are interested, we look forward to receiving your application documents, which you should preferably send by e-mail to sophia.heinemann@jobactive.de. Thank you very much!

Jobactive GmbH stands for competence and passion in the most diverse areas of personnel management, whether personnel consulting, recruitment, or placement. Jobactive GmbH is a wholly owned subsidiary of hanfried GmbH. As an independent brand, we make our employees available to our renowned customers in the event of personnel bottlenecks and seasonal work peaks.