Incident Response Expert

**About Us**:
Senthorus provides organizations with a state-of-the art solution to increase their security in the cloud and on their internal IT. Our 24/7 operations out of our Security Operations Centers (SOCs) located in Switzerland, leverage BlueVoyant's expertise while customers can be confident that all data is maintained and operated securely within Swiss borders - offering peace of mind without sacrificing oversight or effectiveness into cyber defense strategy.

Position Purpose: As part of our Incident Response Team (CSIRT), your mission will be to act as an Expert of Cyber Security Incident Response for our clients. Part of the responsibility will be to engage with deep expertise, to support the service evolution, to work on threat intelligence engagements and to support special events cyber security.

You will deliver the Incident Response services remotely or onsite depending on situation.

Reports to: CSIRT Manager

**_If you:

- **
- Have cyber security as a passion and know cyber space overall
- Like the adrenaline and challenges in Cyber Security
- Feel being able to lead technically and tactically major cyber security incidents
- Able to establish the trust with technical and management people even during a tense crisisAre customer oriented and highly motivated by providing excellent client satisfaction

This position is for you.

**RESPONSIBILITIES**:

- Support Management to define the Incident Response related services:

- Managed Incident Response
- Incident Response Retainer
- Emergency Incident Response
- Threat Intelligence services
- Act as a leader in IR engagements with clients to coordinate activities for professional and experienced IR.
- Provide guidance on tools, tactics and techniques to use to handle a major security incident
- Conduct highly technical examinations, forensics, malaware, deep analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations.
- Effective and secure handling of digital evidence and matter confidentiality (chain of custody).
- Provide technical guidance on tools and methods from standard investigation down to reverse engineering of payloads
- Provide reporting and recommendations for clients; document incidents from initial detection through final resolution
- Be available, ready, and able to accept incoming calls
- 24x7 on-call duty is part of the IR job
- May need to travel in emergency to specific locations for IR engagement

Research
- Watch threat intelligence and disseminate information with colleagues
- Present IR cases as study cases to the team and even in specific events
- Do presentations on attack methods for clients, prospects or colleagues
- Evaluate of new tools or attack techniquesDocument vulnerabilities and exploits

**Profile**:
**_a) Experience & Background: _**
- Minimum 5 years’ experience in information security managing and Incident Response or educational equivalent
- Excellent client service skills
- Excellent analytical thinking and problem-solving skills
- Oral and written communication skills
- Strong knowledge on Network, Operating Systems (Windows and Unix/Linux), Infrastructure, Cloud Services,
- Very good in analyzing log data
- Experience implementing and managing End Point Security products
- Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting).
- High level of ethical hacker knowledge and understanding of malware/ransomware.

**_b) Languages: _**
- Fluent English
- Plus a very good level of written and spoken French and/or German

**_These would be a plus: _**
- Technical certifications such as SANS
- Any other languages are an asset