Cyber Incident Responder

Your role :

Are you keen on working in world class Cyber Security Operations Center for one of the best Swiss private banks?

Do you have related experience and are willing to take it further by learning how to defend an enterprise against cyber-attacks?

We are looking for an incident response expert who will:

• respond to cyber security incidents covering all phases including identification, containment and eradication

• conduct forensic level analysis of system, accounts, and networks

• act as engagement point for wider technology teams within Major Incident Management framework

• support and maintain response strategy to severe incidents and key attack scenarios

• maintain coordination and communication streams horizontally and vertically as part of major cyber related incident handling

• perform technical analysis and triaging as part of incident investigation

• actively collaborate with Cyber Intelligence teams to ensure response capabilities are adequate to the threat

• mentor and train junior analysts in advanced incident response techniques, tactics, and procedures

Your team :

You'll be working in the Cyber Incident Response team distributed globally, which is a critical function within the Cyber Security Operations Center. You will be collaborating with a peer of teams covering cyber monitoring, hunting, advanced detection, cyber threat intelligence and security engineering.

We are global team with the presence in Switzerland, USA and Singapore focusing on pro-active defense capabilities supported by active intelligence consumption. By joining our team, you will have continuous learning possibilities while tracking recent techniques, tactics and procedures of various adversaries.

Your expertise :

• 5+years experience in incident response operations or security operations positions in a large enterprise environment

• experience in investigating and handling data breaches and leading investigation to resolution

• ability to design and write runbooks for frequently occurring incidents

• a natural ability to take the lead and drive the investigation of complex technical issues, with strong analytical and problem-solving skills

• extensive experience performing cyber incident response and root-cause-analysis

• technical understanding of enterprise networks, protocols, their various components and designs

• strong forensics skills, and an understanding chain of custody requirements

• experience with one or more programming/scripting languages such as Python, JavaScript, Java, or C#, deep understanding of the cyber kill-chain and MITRE ATT&K frameworks