CSIRT Analyst

Bucharest
Security

Cyber Security is a hot topic for all companies and individuals in this fast-changing world. The broad range of potential impact (from personal to national) and creative exploits make the protection of the integrity, confidentiality and availability of data more and more challenging and resourceful.  By joining Cegeka Security Operations Center, you participate in all technical cyber security related activities, playing an active role in the long term cyber security strategy in a team where technical knowledge, continuous improvement and self-development are part of the DNA. You will orchestrate the alignment of team members and key resources within the organization during security incidents in order to minimize impact and restore operations in the shortest time frame possible. Alongside your main area of expertise, your input in security monitoring will be highly valued by contributing to the team's development and to improving the customers' experience.

  • Monitor security events received from customer’s monitored workloads and then take appropriate action based on customer scenario’s and action plans
  • Review security alerts escalated by level 1 and level 2 analysts
  • Have a deep knowledge of all SIEM components and tooling, which you will use in your daily activities as an incident responder
  • Get energy and satisfaction when analyzing security incidents and alerts. You enjoy getting to the bottom, finding a root cause and assisting customers with mitigation plans
  • Are able to use and create threat intelligence and IOC’s in your daily activities
  • Follow but also write and maintain incident response procedures, keeping the mission of improving continuously in mind and understanding the threat landscape changes every day
  • Maintain the EDR products from a to z: you manage the policies as well as the detections and the response actions
  • Support complex incidents with your knowledge of forensic analysis, on logs, memory and disk images
  • Contribute to the continuous baselining of detection scenarios for the SOC’s customers, based on findings of incidents
  • Perform active threat hunting, using insights, experience and threat actors to look for anomalies in logs and data
  • Understand the necessity of a strong process - you contribute to the continuous improvement of every procedure and you support the adaption in other tools such as SOAR

What you need to succeed:

  • 3+ years professional experience as a Security Analyst 
  • Deep technical understanding of the concepts of security incident management, digital forensics, investigating complex security incidents
  • Have a very solid knowledge of following technologies: SIEM (Splunk and Sentinel), Forensics toolkit and EDR (Microsoft, CrowdStrike)
  • Having a solid basics of the three aspects that form the foundation of cyber security, so you can use them in your daily analytical tasks: Operating systems (Linux and Windows), Networking (firewalling, IDS/IPS, WAF) and scripting (Bash and Python)
  • Display flexibility and eagerness to improve yourself every day, since being part of the CSIRT team requires that special focus and mindset
  • Having very strong analytical skills to look for the hidden treasure in a security incident, to evaluate current threats, translate it towards actionable items towards Cegeka and its customers
  • Creative and ambitious, so showing the ability to support the Cegeka Security Operations Center to continuously improve and innovate
  • English skills - Advanced level

What are we offering:

  • 22 Annual Vacation and 6 bonus days (that are not carried over the next year)​​.
  • 13th salary bonus  at the end of the year. ​​
  • Monthly budget of 475 RON gross and choose to invest in: meal tickets, private pension and insurance packages, holidays packages, gifts, cultural and entertainment activities, alongside exclusive offers from + 2000 providers.​​
  • Private health insurance package for services covering prevention, diagnosis, and treatment.  ​​
  • You can access an operational car leasing contract by supporting a fixed monthly instalment which covers all operation costs of a car and other additional services (insurance, maintenance, repairs, and administrative cost). ​​
  • Sports Partnership with 7 Card and Oxygen in Iasi. ​​
  • We do everything we can to help our employees grow and use their strengths through a facilitated personal development plan (Training Budget, Certifications in line with well-known vendors).​​
  • Wellbeing at the center - we know that there is more to our lives than our jobs, therefore we make sure to tackle wellbeing aspects of our day to day lives through specialized sessions, webinars and internal programs according to our employee's input.​​
  • In close cooperation is a value we live by, through #MomentsThatMatter: monthly hangout parties, team buildings, gamified online experiences.
Your ambition will only grow together with Cegeka, as you are given the space and context to develop.

Adrian Ilie

.NET Software Developer, Cegeka Romania

Aspire to more

For more than 25 years we have handled projects with drive and passion, providing IT solutions that are “tailored” to our customers. This is achievable through our teams of specialists, who are determined to define themselves everyday as the best professionals they can be within the market and leave their mark on IT projects where our impact matters. Given the right circumstances, we believe that together, we can find what enables you to learn faster, grow more and achieve more. Aspire to more.


Teams are were we live, so we always work together here. With passion, and most of all, with a lot of fun, within a culture driven by family values: respect, personal development and entrepreneurship. With a lot of freedom and responsibility. Be part of the next growth phase of a proud, successful, fast-growing, innovative, European IT company full of ambitions.

Application flow

Do you have any questions about this role?

Let's connect.