Security Incident Response Engineer

Bucharest, Iasi
Security

Cyber Security is a hot topic for all companies and individuals in this fast-changing world. The broad range of potential impact (from personal to national) and creative exploits make the protection of the integrity, confidentiality and availability of data more and more challenging and resourceful.  By joining Cegeka Security Operations Center, you participate in all technical cyber security related activities, playing an active role in the long term cyber security strategy in a team where technical knowledge, continuous improvement and self-development are part of the DNA. You will orchestrate the alignment of team members and key resources within the organization during security incidents in order to minimize impact and restore operations in the shortest time frame possible. Alongside your main area of expertise, your input in security monitoring will be highly valued by contributing to the team's development and to improving the customers' experience.

  • Monitor security events received from customer’s monitored workloads and then take appropriate action based on customer scenario’s and action plans
  • Review security alerts escalated by level 1 and level 2 analysts
  • Have a deep knowledge of all SIEM components and tooling, which you will use in your daily activities as an incident responder
  • Get energy and satisfaction when analyzing security incidents and alerts. You enjoy getting to the bottom, finding a root cause and assisting customers with mitigation plans
  • Are able to use and create threat intelligence and IOC’s in your daily activities
  • Follow but also write and maintain incident response procedures, keeping the mission of improving continuously in mind and understanding the threat landscape changes every day
  • Maintain the EDR products from a to z: you manage the policies as well as the detections and the response actions
  • Support complex incidents with your knowledge of forensic analysis, on logs, memory and disk images
  • Contribute to the continuous baselining of detection scenarios for the SOC’s customers, based on findings of incidents
  • Perform active threat hunting, using insights, experience and threat actors to look for anomalies in logs and data
  • Understand the necessity of a strong process - you contribute to the continuous improvement of every procedure and you support the adaption in other tools such as SOAR

What you need to succeed:

  • 3+ years professional experience as a Security Analyst 
  • Deep technical understanding of the concepts of security incident management, digital forensics, investigating complex security incidents
  • Have a very solid knowledge of following technologies: SIEM (Splunk and Sentinel), Forensics toolkit and EDR (Microsoft, CrowdStrike)
  • Having a solid basics of the three aspects that form the foundation of cyber security, so you can use them in your daily analytical tasks: Operating systems (Linux and Windows), Networking (firewalling, IDS/IPS, WAF) and scripting (Bash and Python)
  • Display flexibility and eagerness to improve yourself every day, since being part of the CSIRT team requires that special focus and mindset
  • Having very strong analytical skills to look for the hidden treasure in a security incident, to evaluate current threats, translate it towards actionable items towards Cegeka and its customers
  • Creative and ambitious, so showing the ability to support the Cegeka Security Operations Center to continuously improve and innovate
  • English skills - Advanced level

What are we offering:

  • Working together with motivated and expert colleagues on digital solutions that help your customers achieve their goals
  • 22 Annual Vacation plus additional days off according to internal policies
  • Gym Subscription according to the internal policies
  • Great online and offline facilities to work on your personal and professional growth -  budget for courses, trainings, self-development online platforms, internal initiatives
  • Access to Benefit Online platform where you can choose to invest a monthly budget in: meal tickets, holiday packages, courses, vouchers for a variety of categories – cultural, entertainment
  • Flexible work from home policy – currently working remote, welcoming colleagues to work at our office anytime they desire 
At the end of the day, I trust my team is there to support me along the way.

Marian Matei

Service Coordinator, Cegeka Romania

Aspire to more

For more than 25 years we have handled projects with drive and passion, providing IT solutions that are “tailored” to our customers. This is achievable through our teams of specialists, who are determined to define themselves everyday as the best professionals they can be within the market and leave their mark on IT projects where our impact matters. Given the right circumstances, we believe that together, we can find what enables you to learn faster, grow more and achieve more. Aspire to more.


Teams are were we live, so we always work together here. With passion, and most of all, with a lot of fun, within a culture driven by family values: respect, personal development and entrepreneurship. With a lot of freedom and responsibility. Be part of the next growth phase of a proud, successful, fast-growing, innovative, European IT company full of ambitions.

Application flow

Do you have any questions about this role?

Let's connect.