Cyber Security Incident Response Lead (Insider Threat) (Computer Emergency Response Team)

Infinity Quest
Legutio, Spain
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
€ 70K

Job location

Legutio, Spain

Tech stack

Kubernetes Security
Data analysis
Application Testing
Business Process Modeling
Cloud Computing
Computer Security
Computer Forensics
Desktop Computing
Digital Forensics
Identity and Access Management
Intrusion Detection and Prevention
PCI Data Security Standards
Reverse Engineering
Security Information and Event Management
Cloud Platform System
Software Security
Malware

Job description

Infinity Quest is seeking a cybersecurity professional in Spain, País Vasco. This role focuses on incident management in cloud environments, monitoring digital threats, and managing responses across various platforms. Responsibilities include the operation of intrusion detection technologies while ensuring compliance with security standards.

The ideal candidate will demonstrate in-depth knowledge of forensics, digital threat prevention, and relevant regulatory frameworks. A strong background in information security, as well as experience with SIEM platforms and endpoint security, is essential for success in this role.

Responsabilidades

  • Monitors the performance of computer forensics practices.
  • Operates intrusion detection and prevention technologies.
  • Ensures forensics procedures and adjusts tools accordingly.
  • Promotes internal control reports for external audits.
  • Analyzes unexpected network events and devises actions.
  • Leads incident response activities and shares information., * Monitors the performance and efficiency of computer forensics practices.
  • Operates intrusion detection and prevention technologies, systems and tools to monitor, analyse and respond to networks and systems.
  • Monitors forensics procedures and adjusts digital forensics tools accordingly.
  • Ensures optimisation to increase the response speed and outcome reliability.
  • Assists in developing internal control reports provided to external auditors.
  • Application of information security laws in computer crime investigation.
  • Analyses unexpected network or system events, assessing their impact, and devising and implementing actions to stop them.
  • Manages the sharing of important information quickly and accurately.
  • Supports the monitoring/review of policies, processes/procedures and prioritise operations.
  • Leads and manages incident response activities.
  • Communicates to senior leads awareness of significant incidents.
  • Support the development of enhance strategies and incident response playbooks.
  • Manage stakeholder relationships and streamline processes.
  • Shape and implement products and processes to protect the bank from Insider threat.
  • Develops appropriate metrics to display the effectiveness of Insider threat.
  • Monitor/review processes/systems and product performance to ensure continuous improvements are made to prevent and eliminate insider threats.

Requirements

Application security tools and processes Designing security programs Application testing for bugs Responding to application threats Information security concepts Detecting computer crime Digital threat prevention Endpoint security knowledge Security compliance monitoring Incident response experience Experience with SIEM platforms Kubernetes security monitoring Regulatory compliance knowledge, * Experience with incident management in cloud-based environments.

  • Knowledge of the tools and processes for maintaining application security.
  • Skills/knowledge of designing and implementing security programs.
  • Experience of application testing to detect bugs, flaws, and insecure configurations.
  • Experience of responding to application threats following established security policy.
  • Knowledge of concepts, tools, and practices of dealing with computer crime.
  • Experience of detecting and preventing crimes that involve computers/networks as instruments.
  • Sound knowledge of information security.
  • Knowledge of techniques, approaches, and processes of digital threats.
  • Experience of detecting, monitoring, analysing, and preventing digital threats.
  • Knowledge of concept, issues, and techniques of endpoint security.
  • Experience of ensuring security compliance of endpoint devices in various circumstances.
  • Demonstrable experience in fields such as information security, incident response, or related domains.
  • Demonstrate experience in incident response, security monitoring, digital forensics, and advanced malware analysis.
  • Experience of identifying, managing, and producing incident updates, reports, and recommendations to SLT to facilitate decision-making and risk management.
  • Knowledge of identity and access management (IAM) security principles and insider threat detection tooling.
  • Familiarity with container and Kubernetes security monitoring.
  • Experience with reverse engineering or sandbox analysis of malware samples.
  • Understanding of regulatory and compliance frameworks relevant to financial services (e.g., PCI-DSS, GDPR, DORA, NIST CSF).
  • Experience with SIEM platforms.

Apply for this position