Cyber Security Incident Responder

Verisure

São Paulo

On-site

BRL 80.000 - 120.000

Full-time

30+ days ago

Job summary

Join a dynamic team as a SOC Incident Handler, where you'll play a vital role in mitigating cyber threats for a global leader in security solutions. This position involves coordinating incident response efforts, collaborating with IT operations, and ensuring effective communication across teams. You will leverage your expertise to enhance security protocols and contribute to a culture of continuous improvement. With a focus on best practices and a commitment to protecting millions of customers, this role offers a unique opportunity to make a significant impact in the cybersecurity landscape. If you're ready to take on exciting challenges in a fast-paced environment, this position is perfect for you.

Qualifications

  • Extensive experience in Cyber Operations and incident response.
  • Knowledge of legal obligations like GDPR and security standards.

Responsibilities

  • Manage and coordinate incident response efforts effectively.
  • Communicate incident status clearly to stakeholders.

Skills

Incident Response
Cyber Operations
Threat Detection
SIEM
ISO27001
MITRE ATT&CK Framework
Security Awareness
Excellent Communication Skills
Formal Report Writing
International Work Experience

Education

Applicable degree or equivalent industry experience

Tools

Ticketing Systems
Linux
Windows Tools
Wireshark
Splunk

Job description

The SOC Incident Handler is responsible for resolving incidents identified by SOC analysts. The core function is containing and mitigating suspected harmful cyber events by focusing the appropriate resources to address incidents, minimize potential damage, and recover quickly. This position is responsible for chasing/following-up progress, actively communicating with the interested operations and business units concerning the incident and actions taken throughout the lifecycle, as well as continually leveraging SOC analysts to support investigations.

This position is part of the Verisure SOC and provides Incident Response support for a global company stretching from Finland to Argentina. Daily incident handling, as well as anticipating future events, is part of these responsibilities.

The role involves documentation work: creating runbooks and strengthening procedures and communication actions as a focus of Incident Response. Coordinating multi-team frameworks to improve IR processes and procedures also plays a central role.

Primary responsibilities include:
  • Plan, manage, coordinate, and communicate to contain and mitigate an incident.
  • Works closely with regional IT Operations and teammates to resolve cybersecurity and privacy incidents in a timely manner; escalates unresolved incidents as appropriate.
  • Knowledge and experience with the IR lifecycle.
  • Prioritizes incidents in terms of their criticality; can distinguish between a misconfiguration and events that may escalate to larger issues if not resolved.
  • Provides continuous coordination, direction, and leadership of all incidents raised by SOC.
  • Strong rapport with SOC analysts to collect investigative analysis and have a clear understanding of the incident to be handled.
  • Develop trusted communication on issues, requirements with key stakeholders across multiple countries.
  • Maintains high confidence of the SOC Manager.
  • Communicates the status of an incident with clarity and focus.
  • Handles AV alerts for both endpoints and servers.
  • Ability to leverage outlined policy to guide security practices to business groups and teammates. Identifies gaps to be addressed.
  • Versed in reading VM reports to spot any affected assets from Threat Intel reporting.
  • Documents all team activities, especially containment and recovery tasks, and develops a reliable timeline for each stage of the incident.
  • Maintain a high degree of ‘best practice’ and professional attention to detail within the SOC Operations team.
  • Excellent writing and presentation skills.
Secondary responsibilities include:
  • Recommending security improvements to help internal operations be better protected.
  • Assist with InfoSec projects as needed.
  • Apply Best Practice Standards to security tools to aid in minimizing harm to infrastructure.
  • Coverage for teammates.
  • Acting as the main point for incident escalation during major incidents.
Essential skills & experience include:
  • Extensive experience in responding to Cyber Operations including monitoring, incident response & handling, threat detection, and threat intelligence.
  • SIEM experience.
  • ISO27001 knowledge.
  • CIS Benchmarks, NIST understanding.
  • Ticketing systems dexterity and procedure lifecycle ownership.
  • MITRE ATT&CK Framework familiarity.
  • Applicable degree or equivalent industry experience.
  • Knowledge of relevant legal obligations & applicable legislation such as GDPR.
  • Excellent communication skills.
  • Formal report writing.
  • Ability to do independent research.
  • Security Awareness.
  • International work experience (global team).
  • Perform other essential duties as required.
Desirable skills & experience include:
  • Incident Handler certification: GCIH, ECIH, CySA+, CREST, CISSP or similar.
  • ITIL certification.
  • Splunk searches.
  • Linux, Windows tools and scripting.
  • Memory Forensics.
  • Reading Firewall traffic; Wireshark.
  • Penetration testing & Vulnerability finding tools.
  • ForeScout, Network Access Control.
  • Fluency in: English / Portuguese (Please apply with English CV).

Verisure is a leading global provider of professionally monitored security solutions. We are an international company with a start-up mindset: fast, agile, and lean, high-performance and value-driven. We protect millions of customers in 17 countries. Our business model integrates product development, design and sales with installation, outstanding service and a 24/7 professional monitoring solution. We protect people from intrusion, fire, and flood - and we save lives.

Verisure Innovation is an equal opportunity employer and welcomes applicants from diverse backgrounds. We are an international company with offices and colleagues in multiple countries.
