Cybersecurity Incident Responder
Warsaw, Masovian Voivodeship, Poland
NOMIOS POLAND SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
15. 1. 2025
About the position

technologies-expected :


  • Azure AD
  • Microsoft 365
  • Windows Server
  • Linux

technologies-optional :


  • Python
  • Bash

about-project :


  • We are seeking a passionate and skilled Incident Responder to join our expanding Detection & Response Team. Our team is dedicated to monitoring client environments, hunting for potential threats across vast datasets, and continuously improving our detection capabilities. This role provides a unique opportunity to grow in highly technical areas, leverage cutting-edge tools, and contribute to uncovering previously unseen threats.
  • We are looking for a candidate who is highly motivated, eager to enhance their cybersecurity expertise, and committed to protecting our clients’ networks from evolving adversaries.

responsibilities :


  • Proactively investigate host, network, and log-based security events to detect and respond to suspicious activities.
  • Manage incidents end-to-end, from detection and analysis to containment, eradication, and post-incident recovery.
  • Research and understand new attack techniques to develop innovative detection and response strategies.
  • Collaborate with clients, presenting findings and recommendations from both technical and business perspectives.
  • Enhance your skills by performing in-depth investigations, including malware analysis, memory forensics, and network traffic analysis.
  • Gain hands-on experience with Azure AD, Microsoft 365, and other cloud-based platforms to investigate and mitigate modern cyber threats.
  • Develop and refine your understanding of Windows and Linux internals, core IP networking, and common protocols.
  • Work with industry-leading tools, such as SIEM and EDR platforms, and improve automated and manual detection methods.
  • Collaborate with a skilled team to grow your knowledge of offensive and defensive security techniques, including advanced TTPs (Tactics, Techniques, and Procedures).

requirements-expected :


  If these points resonate with you, you will seamlessly integrate into our team and thrive:
  • Terms like C2 Frameworks, malware analysis, process injection, telemetry, EDR, and APT excite you, and you’re eager to engage with these concepts daily.
  • You are passionate about staying ahead of attacker techniques and are keen to respond to the ever-evolving threats they present to organizations.
  • You are an avid learner who keeps up with the latest developments, regularly exploring resources like /r/netsec or other security-focused publications to stay informed.
  • You enjoy both using and developing cutting-edge tools to enhance detection and response capabilities and actively follow the latest trends in the cybersecurity industry.
  • You have real-world experience responding to cyberattacks, ranging from basic threats to advanced nation-state-level incidents, and you are enthusiastic about sharing your expertise with your team and the broader cybersecurity community.
  Preferred Skills and Qualifications:
  • Experience responding to cybersecurity incidents, including advanced threat investigations.
  • Proficiency in analyzing attacker TTPs and familiarity with frameworks like MITRE ATT&CK.
  • Hands-on experience with security tools such as SIEM, EDR, or other log analysis platforms.
  • Knowledge of Azure AD, Microsoft 365, and related cloud environments.
  • A solid understanding of network protocols, IP fundamentals, and operating system internals (Windows, Linux).
  • Familiarity with scripting or automation (e.g., Python, Bash) for incident response and detection enhancement.
  • Strong problem-solving and analytical skills, with the ability to work under pressure during active incidents.

offered :


  • The opportunity to work with a passionate and skilled team dedicated to advancing cybersecurity.
  • Access to the latest tools, technologies, and methodologies in incident response and detection.
  • A focus on professional growth with access to certifications, training programs, and hands-on experience.
  • A dynamic and evolving environment where your contributions have a direct impact on the security of clients worldwide.
