Global Security Incident Response Engineer (m/f/d)
Olympus
Hamburg
Ihre Aufgaben
Responding to Incidents :
- Manage and review responses to live incidents, document findings and implementing suitable remediation actions.
- Tracking problem records related to past incidents through to closure while providing information and guidance to problem management teams.
- Conduct computer and network investigation from start to finish using tools and resources.
- Provide expert technical advice and leadership based on detailed understanding threat intelligence and applied use within incident response and forensic investigations.
- Assists in development of processes, procedures, and documentation related to incident response activities.
- Assists in implementation of incident response processes and procedures for prompt restoration to ensure continuity of business with internal teams and MSPs.
- Provide feedback to SIEM engineers on alerts to ensure proper tuning of SIEM use cases.
Managed Service Provider (MSP) and Vendor Management :
Assist in leading, motivating, developing, and appraising external MSP and vendor teams that are contracted to provide incident response services to Olympus so that their individual and collective performance is of the required standard and meets the current and future needs of the business.
Ihre Qualifikationen
- Bachelor’s degree or higher in computer science, management information systems or related field or significant industry experience required.
- Certification in one or more of the following : CISSP, CISM, EnCE, CEH, GCFA, GCFE, or GCIH.
- Minium 5 years of experience in incident response or other related security functions.
- Linux / Unix technical experience including creation and modification, administration, troubleshooting, and / or forensic and Incident Response experience.
- Expertise with SIEM technologies such as, but not necessarily exclusive to : Splunk, Qradar, Arcsight, and Sentinel
- Expertise with Service Now.
- Experience with software / services such as Microsoft Defender, Microsoft Defender AV, Symantec Endpoint Protection, Zscaler, Bluecoat, Symantec WSS, Tenable, Armis, Illumio, Cisco Kenna, Cisco Hypershield
- Technical skills investigate incidents from start to finish given a wide variety of available tools and resources.
- Experience with malware analysis and understanding attack techniques.
- Experience interpreting, searching, and manipulating data within enterprise logging solutions.
- Experience working with network, host, and user activity data, and identifying anomalies.
- Business and technical acumen.
- Problem solving skills combined with critical and analytical thinking.
Ihre Vorteile
- Flexible working hours, remote work possible (up to 60%)
- 30 days of holidays per year
- Modern office and an inspiring working environment
- Employee restaurant with live cooking and healthy food (subsidized)
- Public transport ticket (100 % subsidized) or free parking space
- Company sport groups and an inhouse company gym
- Employee Assistance Program to support your health, mental and emotional well-being
- A comprehensive company pension scheme
- Company medical officer and vaccination offers
- Childcare through our Buttje&Deern’ partner
- Bike leasing
Vor 30+ Tagen