Security Incident Response Engineer, global

Security ServiceNow START SIEM-System CEH Cisco Administration UNIX Transport Analyse Linux Support Splunk Management CISM Flexibilität, Your Responsibilities: As the "Security Incident Response Engineer, global (m/f/d)", you will be responsible for providing technical analysis and remediation of assets, whilst developing a scalable Security Incident and Event Management solution for on-prem infrastructure. You will be responsible for monitoring and analyzing emerging threats, vulnerabilities, and exploits. Incident Response

• Manage and review responses to live incidents, document findings and implementing suitable remediation actions
• Tracking problem records related to past incidents through to closure while providing information and guidance to problem management teams
• Conduct computer and network investigation from start to finish using tools and resources
• Provide expert technical advice and leadership based on detailed understanding threat intelligence and applied use within incident response and forensic investigations
• Assists in development of processes, procedures, and documentation related to incident response activities
• Assists in implementation of incident response processes and procedures for prompt restoration to ensure continuity of business with internal teams and MSPs
• Provide feedback to Security Incident Engineers on alerts, to ensure proper tuning of use cases Managed Service Provider (MSP) and Vendor Management
• Assist in leading, motivating, developing, and appraising external MSP and vendor teams that are contracted to provide incident response services to Olympus so that their individual and collective performance is of the required standard and meets the current and future needs of the business Your qualification

• Bachelors Degree or higher in Computer Science, Management Information Systems or related field or significant industry experience required
• Certification in one or more of the following: CISSP, CISM, EnCE, CEH, GCFA, GCFE, or GCIH
• Demonstrable experience in incident response or other related security functions
• Linux/Unix technical experience including creation and modification, administration, troubleshooting, and/or forensic and Incident Response experience
• Expertise with SIEM technologies such as, but not necessarily exclusive to Splunk, Qradar, Arcsight, and Sentinel
• Expertise with ServiceNow
• Experience with software/services such as Microsoft Defender, Microsoft Defender AV, Symantec Endpoint Protection, Zscaler, Bluecoat, Symantec WSS, Tenable, Armis, Illumio, Cisco Kenna, Cisco Hypershield
• Experience with malware analysis and understanding attack techniques
• Experience interpreting, searching, and manipulating data within enterprise logging solutions
• Experience working with network, host, and user activity data, and identifying anomalies Your benefits
• Flexible working hours, remote work possible (up to 60%)

• Employee restaurant with live cooking and healthy food (subsidized)
• Public transport ticket (100 % subsidized) or free parking space
• Company sport groups and an inhouse company gym
• Employee Assistance Program to support your health, mental and emotional well-being
• A comprehensive company pension scheme
• Company medical officer and vaccination offers
• Childcare through our Buttje&Deern partner
• Bike leasing