Incident Responder

ELCASecurity is looking for an Incident Responder to be part of a great CSIR Team.

The Incident Response will deliver trust and confidence to clients during Incident Response engagements and will be able to act autonomously on IR but also leverage all the strengths in the ELCA group in the most complex cases.

He could be engaged in a remote incident response or onsite incident response depending on the situation.

In addition to possessing deep technical knowledge, an Incident Response interacts extensively with clients and partners using polite professional etiquette.

• Take responsibility for customer satisfaction and overall success of services.
• Drive new client onboarding in IR
• Be available, ready, and able to accept incoming calls
• 24x7x365 on-call duty is part of the IR job
• May need to travel in emergency to specific locations for IR engagement
• Plan, develop, and test new technical solutions and processes
• Propose enhancement on tools and workflow
• Respond in a timely manner (within documented SLA) to support IR.
• Document actions in tickets to effectively communicate information internally and to customers
• Adhere to policies, procedures, and security best practices
• Mentor fellow Security Engineers and Security Analysts

• Get the opportunity to expand your knowledge and experience by working on a broad range of exciting projects, products, customers and technologies
• A dynamic work and collaborative environment with a highly motivated multi-cultural and international sites team
• Attractive prospects for career path & Personal development through training and coaching
• Good work-life balance (2 days per week from home)
• A flat hierarchy and a culture of collaboration across all disciplines
• Monthly After-Works organized per locations
• Attractive pension fund with 3 types of employees’ contributions & Private ward and worldwide coverage with Zurich insurance
• 1/2 SBB fare abonnement
• Mobile and home discount program

The ideal candidate will be passionate about cyber security and providing excellent client satisfaction.  He or she will like the “nuts and bolts” of day to day tactical execution of IR with an emphasis on providing world-class IR.  He or she must be a self-driven, team oriented, and highly motivated technology professional experienced in IR.

Experience & Background:

• Minimum 10 years’ experience in information security managing and Incident Response or educational equivalent
• Excellent client service skills
• Excellent analytical thinking and problem solving skills
• Oral and written communication skills
• TCP/IP, DNS
• Windows and Unix/Linux operating system experience
• Experience reviewing and analyzing log data
• Experience reviewing and analyzing network packet captures
• Experience implementing and managing End Point Security products
• Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting).
• High level of ethical hacker knowledge and understanding of malware/ransomware.
• Strong knowledge of network protocols, Windows/Linux OS, IOCs and BIOCs