At limango, we are building a company that has been specializing in e-commerce for 17 years. Together with platforms in the Netherlands, Poland, Austria and Germany, we are part of the OTTO Group, one of Europe’s leading e-commerce companies. We are the shopping platform with the largest selection of products for the whole family!
We work and play together. We value work-life balance and create a culture of respect, trust and equality. If these values are also key for you, there is a good chance that you will find your place with us.
What else do you need to know?
100% remote position with flexible working hours (an occasional visit to the Munich or Wrocław office will be expected)
Your role and main tasks
- Responding to information security alerts and incidents through all response phases
- Analysing IoCs, suspicious network and email communication
- Co-ordinating additional support in case of more complex incidents
- Collaborating with group-level incident response team and relevant authorities in Poland and Germany
- Seeking optimal solutions (processes, tools, procedures) to improve overall response capabilities
- Weekend on-call expectations and hours?
  - Approximately 2 days per month – typically uneventful
- Close collaboration with Otto – workshops in Hamburg twice a year
- Training/certification budget?
  - 2-3 internal trainings, access to the RangeForce platform
- Opportunity to co-create the team from the ground up, significant impact on team operations and quick decision-making
You will need
- Professional requirements for the candidate:
- Previous experience in a similar role – ideally both on SOC L1 and L2
- Deep understanding of the end-to-end incident response process and cyber kill chain
- Working knowledge of MITRE ATT&CK framework and its real-life application
- Great understanding of MS Defender suite – mainly Defender for Endpoint and Defender for Office 365; KQL (Kusto) knowledge would be a great plus
- Working knowledge and experience in deployment of tools supporting incident response and digital forensics – such as FTK, Autopsy, Volatility, Wireshark, ExifTool, Snort, …
- Working knowledge of ELK stack
- Fluency in English
- Bonus for any of the following certificates: GCFA, GEIR, GCIH, GNFA, SC-200, SC-300, ECIH
- Bonus for experience with cloud security incident response on AWS
- Bonus for German fluency
- Personal requirements for the candidate:
- Top communication skills – this role requires constant collaboration with a variety of stakeholders – from non-technical junior employees, through senior engineers, up to top-level management
- “I’m here to help” attitude
- Willingness to exercise your own ideas, propose solutions and improve the environment
- Experience with incident handling on AWS would be a massive plus
Benefits
- Private healthcare
- We provide access to the best specialists for you and your loved ones.
- Language classes
- English and German lessons in small groups, tailored to your skills.
- Remote work and flexible working hours
- Possibility of partial remote work, as well as adjusting working hours to your daily schedule.
- Office in the center of Wrocław
- Nearby cinema, fitness club and a large selection of lunch places.
- Fruit Mondays
- There is no shortage of coffee, fruit, pizza, sweets and healthy snacks in our office.
- Company events in the best company
- After hours we often organize interesting outings or meetings in our office.
- What you can count on:
- Interesting and challenging work in the dynamic environment of the Internet industry – you will not get bored with us!
- The possibility of really shaping the business – we value independence and delegate responsibility
- Gaining experience in an international team operating in different European markets