CSIRT Analyst

Bucharest
Security

Do you want to be a part of one of the fastest-growing and largest Security Operations Centers in Europe? Do you have a passion for Cyber Security, especially advanced Managed Detection & Response (MDR)? Does Incident Response, Digital Forensics, Threat Hunting, Threat Intelligence and everything related to Cyber Security feel like second nature to you? Are you a Cyber Defender at heart, driven to strengthen the blue team and help organizations that are under attack? If you answered yes to all of these questions, you might be the perfect fit for our CSIRT Analyst role.

  • You handle security alerts/incidents that have been escalated by the SOC Analysts (Tier 2)
  • You will handle security alerts and incidents together with your team
  • You conduct DFIR assignments, including DFIR readiness assessments
  • You participate in the weekly Threat Hunting duty to proactively chase threats through novel Tools, Techniques & Procedures (TTPs)
  • You will perform compromise assessments to identify potential compromises and their scope
  • You collect Threat Intelligence (IOCs and TTPs)
  • You will contribute to Detection Engineering in SIEM, xDR, …
  • Together with the Red Team you will do Purple Teaming exercises to test and improve defenses
  • You contribute to the creation of playbooks in SOAR
  • You will co-write processes and procedures related to DFIR, Threat Intelligence, Threat Hunting, …
  • You will be part of our Incident Response on call service.

What you need to succeed:

  • You have at least 3-5 years of experience in a similar position
  • You have a bachelor or master degree or equivalent through experience
  • You have experience and/or interest in working with the following MDR tools: EDR (CrowdStrike Falcon, MS Defender for Endpoint, Sentinel One, ...), NDR (Vectra, Darktrace, ...), xDR (CrowdStrike Identity Protection, MS Defender for Office/Clouds Apps/Identity/...)
  • As an analyst or engineer, you already have a good knowledge of Security Monitoring with SIEM technologies
  • You are passionate about the following security capabilities: Security Monitoring, Digital Forensics, Incident Response, Threat Intelligence, Threat Hunting, ...
  • You have a hands-on and proactive mindset with a 'can do' mentality
  • You speak and write English fluently.

What are we offering:

  • 22 annual vacation days, 3 sick days that are not carried to the next year (no medical certificate required)
  • A seniority day is added every 3 years in the company
  • Floating days - free day for every public holiday that falls on the weekend, with the exception of holidays which always fall during the weekend
  • Annual Company Bonus, which is determined based on the financial performance of the company, in accordance with the policy in place. The bonus amount will be prorated to reflect the number of months worked during the applicable calendar year. Payment of the Annual Company Bonus is subject to the terms, conditions, and eligibility criteria outlined in the company’s bonus policy.
  • Private medical insurance
  • Access to an online benefit platform, with a monthly allowance of 690 RON, which you can choose to invest in different wellbeing, financial, or retail packages
  • Financial support for the birth of your child or unhappy events
  • A work culture based on cooperation and development - customized learning paths through external providers as well as special development programs.
  • We offer remote work flexibility, driven by smart working principles and aligned with team goals and values
  • Wellbeing initiatives to encourage a healthy work life balance through webinars, specialized sessions and internal programs, per our colleagues’ input
  • Moments that matter, like recurring hangout parties, team buildings, team bonding events.
In Cegeka you see how a family-based company truly brings family principles to all its activities.

Anca Udroiu

Project Manager, Cegeka Romania

Application flow

1. Apply

We will review your application and contact you as soon as possible.

2. Meet us

We will have 2 conversations so that we can discover together if we are a match on both sides.

3. Offer

Successfully completed the process? Then you will receive an offer from us.  

4. Time to start!

Accepted our proposal? Great! We look forward to working with you.

Do you have any questions about this role?

Let's connect.

Inge Feytons

inge.feytons@cegeka.com
+3211240234