Incident Responder

My responsibilities:

Monitor security alerts and triage incidents to determine scope, severity, and impact
Lead and support incident investigations, including log analysis, endpoint/user workflow analysis, and correlation of events
Coordinate containment actions (e.g., isolating systems, disabling malicious access) and support recovery efforts
Document incidents thoroughly, including timelines, observed indicators, root cause analysis, and lessons learned
Write and maintain incident playbooks/runbooks to improve response consistency and speed
Work closely with IT, engineering, and risk teams to ensure effective remediation and risk reduction
Working on Cyber Threat Intelligence topics (collecting and analysing information, buliding and maintaining knowledge base, creating mappings etc.)

5+ years of experience in security operations, incident response, threat analysis, or a closely related role.
Strong understanding of common attack techniques, incident lifecycle, and forensic investigation fundamentals.
Proven experience with security log analysis (SIEM-style workflows, alert triage, event correlation).
Solid knowledge of Windows/Linux systems, networking fundamentals, and authentication/identity attack patterns.
Ability to work accurately under pressure and communicate clearly during active incidents.
Experience with detection engineering concepts (e.g., alert tuning, correlation logic, rule optimization).
Familiarity with common threat intelligence workflows and frameworks (e.g., indicator-driven and TTP-driven analysis).
Hands-on experience with endpoint investigation and evidence handling.
Experience with scripting for analysis and automation (e.g., Python, PowerShell, Bash).
Understanding of vulnerability and risk concepts to support remediation prioritization.
Please not! On-call duty may be required depending on operational coverage.

Hybrid

Immediately

Please use our online application and attach your resume.