DFIR Specialist Security Engineer at Limango Polska #vacancy #remote

As limango we create a company which has been specializing in e-commerce for 17 years. Together with platforms in the Netherlands, Poland, Austria and Germany, we are part of the OTTO Group, one of Europe’s leading e-commerce companies. We are the shopping platform with the largest selection of products for the whole family!

We work and play together. We value work-life balance and create a culture of respect, trust and equality. If these values are also key for you, there is a good chance that you will find your place with us.

What else you need to know?:

100% remote position with flexible working hours (once in a while visit in Munich or Wroclaw office will be expected)

 

Your role and main tasks

  • Responding to information security alerts and incidents through all response phases
  • Analysing IoCs, suspicious network and email communication
  • Co-ordinating additional support in case of more complex incidents
  • Collaborating with group-level incident response team and relevant authorities in Poland and Germany
  • Seeking for optimal solutions (processes, tools, procedures) to improve overall response capabilities
  • Weekend on-call expectations and hours?
  • Approximately 2 days per month – typically uneventful
  • Close collaboration with Otto – workshops in Hamburg twice a year
  • Training/certification budget?
  • 2-3 internal trainings, access to the RangeForce platform
  • Opportunity to co-create the team from the ground up, significant impact on team operations and quick decision-making

You will need

  • Professional requirements for the candidate:
  • Previous experience in a similar role – ideally both on SOC L1 and L2
  • Deep understanding of the end-to-end incident response process and cyber kill chain
  • Working knowledge of MITRE ATT&CK framework and its real-life application
  • Great understanding of MS Defender suite – mainly Defender for Endpoint and Defender for Office 365; KQL (Kusto) knowledge would be a great plus
  • Working knowledge and experience in deployment of tools supporting incident response and digital forensics – such as FTK, Autopsy, Volatility, Wireshark, ExifTool, Snort, …
  • Working knowledge of ELK stack
  • Fluency in English
  • Bonus for any of the following certificates: GCFA, GEIR, GCIH, GNFA, SC-200, SC-300, ECIH
  • Bonus for experience with cloud security incident response on AWS
  • Bonus for German fluency
  • Personal requirement for the candidate:
  • Top communication skills – this role requires constant collaboration with variety of stakeholders – from non-technical junior employees, through senior engineers, up to the top-level management
  • “I’m here to help” attitude
  • Willingness to exercise own ideas, propose solutions, improve the environment.
  • Experience with incident handling on AWS would be a Massive plus

 

Benefits

  • Private healthcare
  • We provide access to the best specialists for you and your loved ones.
  • Language classes
  • English and German lessons in small groups, tailored to your skills.
  • Remote work and flexible working hours
  • Possibility of partial remote work, as well as adjusting working hours to your daily schedule.
  • Office in the center of Wrocław
  • Nearby cinema, fitness club and a large selection of lunch places.
  • Fruit Mondays
  • There is no shortage of coffee, fruit, pizza, sweets and healthy snacks in our office.
  • Company events in the best company
  • After hours we often organize interesting outings or meetings in our office.
  • What you can count for:
  • Interesting and challenging work in the dynamic environment of the Internet industry – you will not get bored with us!
  • The possibility of real shaping of the business – we value independence and delegate responsibility,

Gaining experience in an international team, operating in different European markets.

exiftool Wireshark Security snort MITRE ATT&CK Amazon Web Services (AWS) kql Elastic Stack

Залишити відповідь