As a key member of our team, you will be responsible for ensuring the security and integrity of our systems and networks. This role involves handling security incidents, conducting forensic investigations, and implementing measures to enhance our security posture using new and existing technology.
Key responsibilities
* Actively monitor and respond to security incidents and alerts using advanced threat detection tools, ensuring timely mitigation and resolution.
* Assist with incident response and system stability issues as they occur, collaborating with cross-functional teams to resolve complex problems.
* Perform detailed forensic analysis on network traffic and logs to detect and trace signs of malicious activity and compromised systems across various platforms, including cloud environments.
* Develop and maintain comprehensive incident response and digital forensics plans, ensuring they are up to date and aligned with industry best practices.
* Collaborate with IT and engineering teams to refine technology usage and security practices, leveraging tools such as security information and event management (SIEM), security orchestration, automation, and response (SOAR), intrusion detection systems (IDS), host-based intrusion prevention systems (HIPS), and Active Directory.
* Oversee the implementation of defensive strategies and countermeasures across infrastructure and applications, ensuring alignment with business objectives.
* Continuously improve the incident response program by integrating lessons learned from past incidents and staying current with industry trends and best practices.
Requirements
* A minimum of 1-3 years' experience in information security, specifically in security operations and incident handling.
* Strong understanding of the incident response lifecycle and best practices in digital forensics, with a focus on analytical and problem-solving skills.
* Excellent communication and collaboration skills, with the ability to handle high-pressure situations and work effectively in a fast-paced environment.
* Proficiency with advanced threat detection tools, including EDR/XDR solutions such as Microsoft Defender, SentinelOne, and CrowdStrike.
* Experience in cloud computing technologies, including software-, infrastructure-, and platform-as-a-service, as well as public, private, and hybrid environments, particularly Microsoft E5 products and their security and compliance capabilities.