L3 Cyber Security Incident Responder

Contract | English | Mid-Senior level | Digital & Technology | St. Gallen


Cyber Security Incident Responder, DLP, CTI, L3, Digital Forensics


This vacancy has now expired
On behalf of a market-leading company with a globally recognised brand, Swisslinx are looking for a Cyber Security Incident Responder with AWS experience to join a mid-sized Cyber Defense team in St. Gallen on a contract basis (initially six months with the chance of extension), starting ASAP.

The role offers 50% WFH; there is also the option to work fully remote.

As a key member of a diverse team you will be engaged in project-related tasks as well as day-to-day incident response. This will include the following:

• Manage and lead the response efforts to complex attacks against the company globally.
• Help to improve the security incident response processes across our growing cloud and on-premises environments.
• Support investigations and bring them to resolution, or escalate them to system owners in Global-IT.
• Report the outcomes of incident handling to senior management.
• Write scripts, playbooks and detection logic, and work on orchestration and automation of our target system landscape (including SIEM, SOAR and EDR).

As the perfect candidate you will possess the following skills and experience:
• Minimum of 4 years' experience in Security Incident Response or related fields, encompassing threat hunting, intrusion analysis, and cyber threat intelligence.
• Proficiency in conducting DLP investigations and insider/external threat investigations.
• Expertise in threat hunting leveraging inputs from CTI (Cyber Threat Intelligence) for identifying APTs (Advanced Persistent Threats), threat actors, and advanced techniques and tactics.
• Familiarity with, and adherence to, MITRE and SANS incident response frameworks and best practices.
• Hands-on experience or comprehensive knowledge of SIEM (Security Information and Event Management), XDR (Extended Detection and Response), SOAR (Security Orchestration, Automation, and Response), EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) / NDR (Network Detection and Response) platforms.
• Fluency in English.

Desirable skills / good to have:

• Background in digital forensics.
• Experience in cybersecurity engineering.
• Certifications: CISSP, GCIH, GSEC, or EC-Council's Certified Incident Handler (ECIH) or SEI Computer Security Incident Handler (CSIH) would be advantageous.
• Familiarity with Microsoft security technology stack, including Purview.

Please note that interviews would be conducted via video call (maximum two rounds); however, the role is based 100% in Switzerland. Our client offers:

• Multicultural company where English is the main language
• Competitive rate based on candidate expectations/experience
• The opportunity to work in a diverse and international environment with a strong team spirit and personal atmosphere
• Very stable company with great market reputation
• Opportunity for growth and development within the company
• Flexible working with 50% WFH (possibility to work fully remote)

Are you interested in working in an international environment at a market-leading company with great growth prospects for the future? Then apply now! We look forward to receiving your full application.
