JOB DESCRIPTION

ABOUT THE ROLE :

Prepare and Rehearse
Execute preparation and planning efforts, within the DHL IT Services organization, to respond to various security incident scenarios (internal and external).
Plan, design, deploy and improve incident response ecosystem capabilities (people, processes and technologies) to efficiently and effectively respond to real and potential scenarios.
Rehearse to ensure continuous high readiness.

Respond
Lead medium and major security Incident Response activities across the DPDHL organization, with the help of internal and external teams.
Conduct in-depth digital forensics (network, host, memory) and malware analysis.

Hunt
Execute Cyber Threat hunt exercises.
Manage the portfolio of hunt hypotheses, their execution and the delivery of their outcomes. Develop adaptive capabilities that allow easy on-boarding and efficient execution of new threat hunt exercises, to prepare the organizational response to zero-day threats, campaigns and vulnerabilities.
What really matters!
Your KEY objective is to keep DHL IT operations running, by executing efficient and effective incident response capabilities and minimizing the impact of cyber incidents on DPDHL Group.
Your MISSION is to shorten the time to detect an incident, shorten the time to contain it, and shorten the time to remediate and recover from it.
DPDHL Group must always emerge stronger from every cyber threat response rehearsal, from every medium and major security incident, and from every cyber threat hunt and readiness exercise.

YOUR WORK :
Continuously develop Incident Response practice. Set high standards!
Train and develop Incident Responders' skills and mindset across ITS teams. Be a knowledge-sharing role model. People are our most critical asset!
Research emerging Cyber Threats, prepare incident response plans, and sharpen people, process and technology.
Execute digital forensics (multi-platform and network), data acquisition and data analytics in-depth (host and network level).
Execute memory forensics, targeted memory capture ensuring data integrity and fidelity.
Execute static and dynamic malware analysis and malware reversing.
Execute Security Architecture reviews and assessments of the security technology stack to continuously boost breach prevention and detection capabilities (SIEM, EPP, EDR, SEG, SEW, NGFW, NGIPS, AD / AAD, other).

YOU SHOULD HAVE :
Passion for information security, a continuous learning mindset and a problem-solving attitude; be a role model for your fellow colleagues!
Very good experience in Information Security Incident Response management practices (ISIRT / CSIRT) and in Crisis Management situations.
Proficient experience in digital forensics (multi-platform, network, memory), data acquisition and data analytics in-depth (host and network level).
Very good understanding of common cyber attack techniques and principles, e.g. MITM, the Cyber Kill Chain and the MITRE ATT&CK framework.
Very good understanding of multiple security tools and platforms (e.g. SIEM, IPS, NGFW, EPP, EDR).
Proficient with programming languages (e.g. Python, Shell, PowerShell, C#) and system administration operations (to run a forensic lab, malware lab, honeypot network, other).

NICE TO HAVE :
Understanding of Project Management (PM) and the IT Infrastructure Library framework (ITIL).
Understanding of Identity and Access Management (IAM), Web Application Security (WAS) and Cloud Security concepts.

WHAT WE OFFER :
Great team of IT professionals and the possibility of technical development
Modern offices in Chodov
Home office possibilities
Company Car, Pension plan contribution, Long-term Sickness Insurance
CAFETERIA employee benefit program with wide selection of benefits from Edenred
Extra week of holiday (25 days / year), 6 Self-sickness days / year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company
Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program

For more details feel free to contact .