Incident Responder

The potential employer, a renowned Swiss critical infrastructure company and a significant player in the industry, is sustainably expanding the field of information security.

• In this exciting role, you will actively help to ensure the continued development of the Cyber Defence Center.
• Analyzing and correlating events to detect attacks.
• Threat modeling and identifying new SIEM use cases.
• Developing recommendations for the further development of the Cyber Defence Center.
• Offering support in the event of an attack and coordinating with internal and external bodies.
• Performing forensic analyses on compromised systems.
• Actively searching for threats (threat hunting).
• Analyzing the international situation, particularly in the energy sector.
• Fostering active exchange with SOCs and CERTs of other critical infrastructure operators and authorities.
• Providing an on-call service (every 5-6 weeks).

• A degree in information security and at least 2 years SOC/Incident Response experience.
• Experience working in a Security Operation Center and in Incident Response.
• Familiarity with technologies such as firewalls, IDS, SIEM, or EDR.
• Previous experience in forensic investigations would be an advantage.
• Experience using scripting languages (especially Python and PowerShell) would be nice to have.
• Practical knowledge of the following tools would be an advantage: Splunk, Cyberreason, CISCO IDS, Snort, Elasticsearch.
• Very good written and spoken English. Knowledge of German is a plus.

• The CD-Team consists of seven people, responsible for detection and response of cyber security incidents.
• The team is part of the Cyber Security department and directly reports to the CISO.
• The team is a small, close-knit group who supports each other in good and tough moments, lives security and technology, and strongly values inclusion and equality.
• They work together, and together they also enjoy a drink after a hard day - or from time to time they leave work behind and engage in leisure activities together.
• Modern attractive work environment.
• Support of individual development - internal/external trainings.
• Flexible home office ruling (as long as you are flexible too).
• 5 minutes walk to Aarau station.
• Attractive holiday and remuneration package.