CSIRT Analyst


Cyber security is a hot topic for all companies and individuals in this fast-changing world. The broad range of potential impact (from personal to national) and creative exploits make the protection of the integrity, confidentiality and availability of data an increasingly challenging task that calls for resourcefulness. By joining the Cegeka Security Operations Center, you participate in all technical cyber security related activities, playing an active role in the long-term cyber security strategy in a team where technical knowledge, continuous improvement and self-development are part of the DNA. You will orchestrate the alignment of team members and key resources within the organization during security incidents in order to minimize impact and restore operations in the shortest time frame possible. Alongside your main area of expertise, your input in security monitoring will be highly valued, as it contributes to the team's development and to improving the customers' experience.

  • Monitor security events received from customers' monitored workloads and then take appropriate action based on customer scenarios and action plans
  • Review security alerts escalated by level 2 analysts
  • Have a deep knowledge of all SIEM components and tooling, which you will use in your daily activities as an incident responder
  • Get energy and satisfaction from analyzing security incidents and alerts. You enjoy getting to the bottom of things, finding a root cause and assisting customers with mitigation plans
  • Are able to use and create threat intelligence and IOCs in your daily activities
  • Follow but also write and maintain incident response procedures, keeping the mission of improving continuously in mind and understanding the threat landscape changes every day
  • Maintain the EDR products from A to Z: you manage the policies as well as the detections and the response actions
  • Support complex incidents with your knowledge of forensic analysis, on logs, memory and disk images
  • Contribute to the continuous baselining of detection scenarios for the SOC’s customers, based on findings of incidents
  • Perform active threat hunting, using insights, experience and knowledge of threat actors to look for anomalies in logs and data
  • Understand the necessity of a strong process - you contribute to the continuous improvement of every procedure and you support its adaptation in other tools such as SOAR

What you need to succeed:

  • 3+ years professional experience as a Security Analyst
  • Deep technical understanding of the concepts of security incident management, digital forensics, investigating complex security incidents
  • Very solid knowledge of the following technologies: SIEM (Splunk and Sentinel), Forensics toolkit and EDR (Microsoft, CrowdStrike)
  • A solid grounding in the three aspects that form the foundation of cyber security, so you can use them in your daily analytical tasks: operating systems (Linux and Windows), networking (firewalling, IDS/IPS, WAF) and scripting (Bash and Python)
  • Display flexibility and eagerness to improve yourself every day, since being part of the CSIRT team requires that special focus and mindset
  • Very strong analytical skills to look for the hidden treasure in a security incident, to evaluate current threats and to translate them into actionable items for Cegeka and its customers
  • Creative and ambitious, so showing the ability to support the Cegeka Security Operations Centre to continuously improve and innovate
  • English skills - Advanced level

What are we offering:

  • 22 working days of annual vacation, 3 sick days that are not carried over to the next year (no medical certificate required), plus a seniority day added every 3 years in the company;
  • Floating days (a free day for every public holiday that falls on a weekend);
  • Medical Insurance at Signal Iduna;  
  • 13th salary bonus prorated according to the number of worked months in a year;  
  • Benefit Online platform access, with a 600 RON monthly allowance from which you can choose to invest in different wellbeing, financial or retail packages;  
  • Facilitated Operational Car Leasing;  
  • Financial support for the birth of your child or unhappy events;  
  • Learning and development opportunities - allocated budget for certifications and/or trainings;  
  • Wellbeing initiatives to encourage a healthy work life balance through webinars and specialized sessions as per our colleagues’ interests
  • #InCloseCooperation – we work hard but we have fun even harder through monthly hangout parties, team buildings, and gamified experiences both online and offline. 
In Cegeka you see how a family-based company truly brings family principles to all its activities.

Anca Udroiu

Project Manager, Cegeka Romania

Aspire to more

For more than 25 years we have handled projects with drive and passion, providing IT solutions that are “tailored” to our customers. This is achievable through our teams of specialists, who are determined to define themselves every day as the best professionals they can be within the market and leave their mark on IT projects where our impact matters. Given the right circumstances, we believe that together, we can find what enables you to learn faster, grow more and achieve more. Aspire to more.

Teams are where we live, so we always work together here. With passion, and most of all, with a lot of fun, within a culture driven by family values: respect, personal development and entrepreneurship. With a lot of freedom and responsibility. Be part of the next growth phase of a proud, successful, fast-growing, innovative, European IT company full of ambitions.
