Mid/Senior Cybersecurity Incident Responder

Sword Services Greece S.A. is seeking to recruit energetic individuals to join our IT team in Greece as a Mid/Senior Cybersecurity Incident Responder. The successful candidate will work in a multinational environment on a multitude of tasks supporting our business in developing web applications. The company is currently expanding its activities in Greece offering an optimum career advancement opportunity for the successful candidate who should combine a relevant educational background, with enthusiasm and eagerness.

What you will do...

• Collect, analyze, evaluate, correlate cyber threat information, events and intrusion artifacts originating from multiple sources, and mitigates the impact of cybersecurity incidents and coordinate based on its seniority the cyber defense team to resolve cybersecurity incidents;
• Conduct advanced Forensic Analysis investigations to support incident response and potential legal proceedings;
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus, etc.) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the organization;
• Identifie cyber events, incidents, root causes and malicious actors, performing cyber defense trend analysis and reporting;
• Restore systems and processes' functionalities to an operational state after the incident, collecting and handling evidence and documenting actions taken;
• Perform an after – action review and briefs the incident response team targeting to a reduced dwell time;
• Write cyber defense techniques, guidance, and reports on incident findings;
• Identifies vulnerabilities and suggests appropriate remediation.

What is your experience...

• BSc's degree in Cyber Security / Information Security or any other relevant field;
• Must have certificates in cybersecurity and at least in one in Incident Response / Computer Forensics;
• Knowledge of business continuity and disaster recovery operation activities;
• Experience in preserving evidence integrity according to standard operating procedures;
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions;
• Experience in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters);
• Knowledge of incident categories, incident responses, and timelines for responses along with incident handling methodologies (e.g Incident Response Playbooks);
• Experience in performing a security incident impact assessment;
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth);
• Experience in using security event correlation tools (SIEM);
• Experience in system administration, network, and operating system hardening;
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks, etc.) and cyber attackers (e.g. script kiddies, insider threat, etc);
• Knowledge of cyber attack stages, malware analysis concepts and methodologies;
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, and injections, etc);
• Proficiency knowledge of cloud computing concepts and platforms (e.g., Azure, AWS, GCP, OVH etc.)

Personal Characteristics...

• Attention to detail and strong sense of responsibility;
• Good analytical and problem-solving skills;
• Proactively manage own tasks and projects to agreed deadlines;
• Ability to work effectively & efficiently with various diverse work teams (Development, Testing and Project Management).

What we offer to you…

• Competitive remuneration package;
• Meal voucher card;
• Private medical plan;
• Private pension plan;
• Shuttle Bus;
• Training & Development plan;
• Teambuilding events;

Applications must be in the English language