DFIR Specialist

6 miesięcy temu


Wrocław, Polska Limango Pełny etat

DFIR Specialist / Security Engineer

As limango we create a company which has been specializing in e-commerce for 17 years. Together with platforms in the Netherlands, Poland, Austria and Germany, we are part of the OTTO Group, one of Europe's leading e-commerce companies. We are the shopping platform with the largest selection of products for the whole family
We work and play together. We value work-life balance and create a culture of respect, trust and equality. If these values are also key for you, there is a good chance that you will find your place with us.

What else you need to know?:

100% remote position with flexible working hours (once in a while visit in Munich or Wroclaw office will be expected)

Your role and main tasks

Responding to information security alerts and incidents through all response phases Analysing IoCs, suspicious network and email communication Co-ordinating additional support in case of more complex incidents Collaborating with group-level incident response team and relevant authorities in Poland and Germany Seeking for optimal solutions (processes, tools, procedures) to improve overall response capabilities Weekend on-call expectations and hours? Approximately 2 days per month – typically uneventful  Close collaboration with Otto – workshops in Hamburg twice a year Training/certification budget? 2-3 internal trainings, access to the RangeForce platform Opportunity to co-create the team from the ground up, significant impact on team operations and quick decision-making

You will need

Professional requirements for the candidate: Previous experience in a similar role - ideally both on SOC L1 and L2  Deep understanding of the end-to-end incident response process and cyber kill chain Working knowledge of MITRE ATT&CK framework and its real-life application Great understanding of MS Defender suite - mainly Defender for Endpoint and Defender for Office 365; KQL (Kusto) knowledge would be a great plus Working knowledge and experience in deployment of tools supporting incident response and digital forensics - such as FTK, Autopsy, Volatility, Wireshark, ExifTool, Snort, ... Working knowledge of ELK stack Fluency in English Bonus for any of the following certificates: GCFA, GEIR, GCIH, GNFA, SC-200, SC-300, ECIH Bonus for experience with cloud security incident response on AWS Bonus for German fluency Personal requirement for the candidate: Top communication skills - this role requires constant collaboration with variety of stakeholders - from non-technical junior employees, through senior engineers, up to the top-level management "I'm here to help" attitude Willingness to exercise own ideas, propose solutions, improve the environment. Experience with incident handling on AWS would be a Massive plus

Benefits

Private healthcare
We provide access to the best specialists for you and your loved ones.
Language classes
English and German lessons in small groups, tailored to your skills.
Remote work and flexible working hours 
Possibility of partial remote work, as well as adjusting working hours to your daily schedule.
Office in the center of Wrocław
Nearby cinema, fitness club and a large selection of lunch places.
Fruit Mondays 
There is no shortage of coffee, fruit, pizza, sweets and healthy snacks in our office.
Company events in the best company
After hours we often organize interesting outings or meetings in our office.
What you can count for: Interesting and challenging work in the dynamic environment of the Internet industry - you will not get bored with us The possibility of real shaping of the business - we value independence and delegate responsibility, Gaining experience in an international team, operating in different European markets.

Sounds good?

We can''t wait to get to know you.