Incident responders

We are expanding and therefore searching for several dedicated incident responders, who also excels in other areas within it security consultancy and who wants to work within a market-leading, cutting-edge team.

This position is currently open in our Security Analytics Centre and consultancy department, located in Copenhagen, Denmark.

Too busy to write an application? Let the company know you’re interested - Click here

Key functions/role:
The primary focus is to be part of CSIS incident response team. We help with both the small ransomware case but also targeted threats and compromises of entire large networks comprised of tens of thousands of machines.

The work will also include various consultancy related task including but not limited to penetration testing, advising clients on windows security and giving recommendations on how to harden a network.

Furthermore, you should be prepared to assist in our Security Analytics Centre as Tier 3 analyst.

The ideal candidates:
We are searching for both a senior candidate with at least 10 years of technical experience and a mid-range with at least 5 year of technical experience.

Of both candidates, we expect, previous experience with large scale intrusion. You have to have technical knowledge on how to find the needle in the haystack. You are passionate about helping the client to assess the incident, secure the network, find the breech or point of entry, and get the client back to running their business.

We have a full team of reversers standing by to help you with any malicious code you find, so reversing is not a requirement.

Minimum qualifications:
Required technical knowledge and practical experience in the areas below:

• Knowledge of both Windows and Linux security
• Computer forensics
• Penetration testing
• Understand business demands
• Used to writing concise incident reports, with good recommendations
• Incident response process
• Knowledge of enterprise network setups, network and windows domain.
• Be available to travel with short notice
• Be part of an on-call 24/7/365 duty plan
• Several years of IR experience from previous job (either in large enterprise or as a consultant)
• Good verbal and written communication skills in English

Bonus points given for:

• Relevant degree or certification(s) (BSc, MSc, GIAC (GCIH, GCIA, GPEN, GCFA), OSCP)
• Good communication skills in Danish
• Knowledge of Carbon black response
• Knowledge of Darktrace
• Knowledge of using a SIEM system (qradar, logpoint etc.)
• Network forensics
• Memory forensics
• Experience in code review (.net, c#, php)
• Experience with large scale intrusions (10.000+ devices)
• Consulting experience
• Translate IT security risk into business risk and present to non-technical people

Type:
Full-time and permanent position available immediately

Other:
Candidate must be able to pass a background investigation.

Relocation to Denmark will be required if the successful candidates is currently located elsewhere.

Contact:
To apply for this position, please e-mail your resume and a cover letter to: HR Manager, Amalie Winterberg via the "Ansøg" link.

Please use below S/MIME certificate if you want to send information encrypted.

Additional information about this position:
Please contact Mathias Puggaard Nøhr, Head of Consultancy, SAC and Incident Response: mpn_@_csis.dk (remove underscores).

We welcome diversity and attract candidates from all backgrounds, traditional and non-traditional. Whatever your age, gender, disability status, sexual orientation, religion, ethnicity or family circumstances, we make it our business to make sure you’re treated with fairness and respect. Always.

Please write in your application that you've seen the job at Jobfinder