Security Incident Responder

Allianz Group
Municipality of Madrid, Spain
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Remote
Municipality of Madrid, Spain

Tech stack

Microsoft Windows
Microsoft Active Directory
Data analysis
Business Software
CompTIA Security+
Computer Security
Continuous Integration
Linux
DevOps
Python
Powershell
Shell Script
Software Engineering
Systems Architecture
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Malware
Cyber Threat Analysis
Information Technology
Cybercrime
Web Technologies
Cyber Warfare
Go

Requirements

About You If you are an experienced Incident Responder-or someone who is passionate about handling real cyber incidents and understanding how attackers operate-this role is for you. You will join the Incident Response cluster within the Allianz Cyber Defense Center (ACDC), a global team at the forefront of protecting Allianz against sophisticated cyber threats. In this role, you will work on high-impact incidents, collaborate with experts across threat intelligence, detection, and security operations, and play a key role in strengthening our overall security posture. You enjoy working in dynamic environments, taking ownership during critical situations, and continuously improving how incidents are detected, investigated, and resolved. If you are motivated by real-world impact and want to be part of a highly skilled and collaborative cybersecurity team, we would love to hear from you. What you do - Coordinate and own security incident response activities in a heterogeneous, multi-cultural, and geographically distributed environment - engaging all relevant technical and non-technical stakeholders across all phases of an incident. - Acquire and analyze data from various sources during incident response activities and report on findings in a clear, actionable manner. - Conduct incident reviews, identify improvement potentials, and support the implementation of improvements - including updating guidelines, runbooks, and internal processes. - Actively contribute to enhancing ACDC's internal toolset through new ideas on functionality and features, as well as by developing automation scripts and custom tooling. - Analyse complex attack patterns and threat actors, derive technical insights, and provide recommendations to improve Allianz's detection and defence capabilities. - Collaborate closely with internal teams - including Threat Intelligence, Vulnerability Management, and Business Applications Teams - as well as external partners to ensure holistic and coordinated incident response. - Participate in on-call shifts and contribute to the ACDC team's 24/7 availability, ensuring rapid response to critical security incidents at any time. What you bring - University degree (Master's preferred) in Computer Science, Cyber Security, or a related field. - Extensive work experience in Incident Response, including managing complex environments; expertise in IT Forensics, Malware Analysis, or Vulnerability Management is a plus. - Comprehensive technical expertise in system architecture with broad proficiency in key IT security technologies: Linux and Windows, Active Directory / Entra ID, web technologies, email, networking, cryptography, and widely used DevOps tools. - Software engineering and scripting skills: Python, Golang, Shell scripting, PowerShell, CI/CD, and database management. - Strong understanding of technical and organisational aspects of information security, demonstrated through prior defensive or offensive work experience. - In-depth knowledge of fundamental attack concepts: terminology, tools, tactics, techniques, and procedures (TTPs). - Exceptional analytical and problem-solving mindset with the ability to collect, structure, analyse, and communicate large amounts of information with precision and attention to detail. - Excellent communication and interpersonal skills in English (fluent, written and spoken, including security terminology); willingness to participate in on-call shifts. Relevant certifications (e.g. SANS/GIAC, GCIH, GNFA, GCFA, GREM, GCFE, GIME), CompTIA Security+, CISSP, CISA, or CISM) are a plus but not mandatory. What we offer - We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad. - We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares

Apply for this position