CSIRT ANALYST (M/F/D)

CSIRT ANALYST (M/F/D)

Company Description

Together Ahead - European player on a global mission. #Boldness #Collective #Impact

What's in for you?

• A welcoming team, training, transition, mobility -- we support each project according to the desires and ambitions of each individual.
• We believe in work-life balance as a vehicle for personal fulfillment, so we have opted for autonomy and freedom in the workplace but also in the way we organize ourselves daily.
• To nurture our precious collective spirit, our weeks are characterized by various moments of sociability and sharing, always with a backdrop of humor.
• Every day we take action on social impact projects through our fund "Advens for People and Planet," whether they're centered on education, inclusion, or preserving the climate and environment. You have a social project you want to support? Use our internal team fundraising and collect money from colleagues and the company monthly.

Job Description

An organization is under attack: it needs your expertise fast to help it recover.

Your mission

• You identify the attackers' modus operandi, objective and qualify the extent of compromises.
• For that purpose, you analyze the technical artifacts collected (host forensics, network forensics, log analysis, and malware triage) to identify the attacker's Tactics, Techniques and Procedures (TTPs), Indicators of Compromise (IOCs).
• You recommend actions for containment and remediation of the incident.
• In an investigation report, you provide remediation recommendations for cleaning up and hardening the systems under attack.
• You monitor for new vulnerabilities, technologies and attack methods on IT components, and develop investigative tools.

Your potential projects

• To support a hospital targeted with ransomware, you will join the incident response of CERT Advens.
• The management of an industrial company asks you to intervene in its crisis unit.
• You carry out a digital forensics investigation to understand the origin of an attack and identify the attacker's TTPs.
• Together with a CISO and the IT department, you rebuild a compromised information system.

Qualifications

So, is this the right job for you?

• Reactivity doesn't scare you: when a company calls, you're already on your way!
• You know how to handle difficult situations, calm customers, manage pressure/stress and spread serenity around you.
• Education is one of your strengths: you like to explain situations, procedures for blocking attacks, and what will be done to prevent them from happening again.
• You keep watch every day, which helps you understand how to react.
• Daily monitoring is essential for keeping abreast of the latest cybersecurity news.
• You are passionate about security and are looking for projects with added value within a dynamic company.

Language skills (mandatory)

• German (full professional proficiency)
• English (full professional proficiency)

Location

• Munich/Augsburg (Germany) or
• Remote (from anywhere in Germany)

Additional Information

Your team

Career starter, career changer, or best-ager? If you are up for a challenge, and you would like to take part in an innovative business project, then come and join us!