(Senior) Cyber Security Expert – Managed Detection and Incident Response (m/f/x)

Join to apply for the (Senior) Cyber Security Expert – Managed Detection and Incident Response (m/f/x) role at Eye Security

Eye Security provides cybersecurity solutions combined with embedded cyber insurance for organizations across Europe. Headquartered in the Netherlands, with over 170 FTEs, we are expanding internationally.

We leverage cutting-edge technology and hands-on expertise to detect, respond to, and recover from cyber threats in real time. Our team comprises talent from intelligence, military, tech, and consulting backgrounds, united by a mission to make enterprise-grade cybersecurity accessible to all businesses.

Working at Eye Security means engaging in projects with an international scope, tackling real-world challenges, and helping to build a safer digital future for our clients.

As part of our expansion in the Netherlands & Germany, we seek a (Senior) Cyber Security Expert (m/f/x) to perform Incident Response for clients facing (potential) cyber incidents. You will also collaborate with the Managed Detection and Response (MDR) team, ensuring client safety.

The MDR & IR team supports our clients 24/7 from the Security Operations Center (SOC), providing IR services for incidents such as business email compromise, ransomware attacks, and espionage.

The role can be based in Berlin, Duisburg (Germany), or The Hague (Netherlands), with a hybrid work setup.

• Respond to cyber incidents remotely or on-site, communicating clearly with clients throughout the process.
• Apply your knowledge of operating systems (Windows, Linux, Mac), cloud services (Microsoft 365, Azure, AWS, Google Cloud), and network security to analyze threats and mitigate risks.
• Support MDR workflows, triage security alerts in a 24/7 on-call rotation (approximately once per week), and work with cross-regional teams.
• Develop and improve internal playbooks, processes, and tools. Contribute to research, threat intelligence, and automation initiatives.
• Coordinate with stakeholders including colleagues, legal teams, data recovery specialists, and law enforcement to manage incidents effectively.

• Proven experience in Incident Response (IR), Digital Forensics and Incident Response (DFIR), or threat intelligence, including forensic investigations.
• Hands-on experience with cybersecurity tools like EDR products (e.g., CrowdStrike Falcon, SentinelOne, Windows Defender for Endpoint). Knowledge of scripting or programming to automate tasks is a plus.
• Excellent communication skills, especially under pressure.
• Curiosity to explore root causes and improve processes, with the ability to explain technical concepts clearly.
• A collaborative attitude, comfortable working in diverse environments, willing to perform SOC alert triage and documentation.
• Fluency in English and either German or Dutch.
• Willingness to participate in a 24/7 on-call schedule.

• A meaningful mission to protect organizations across Europe from cyber threats.
• A collaborative culture with top professionals from CERTs, intelligence agencies, and tech sectors.
• Autonomy in shaping processes and owning projects.
• Flexible, remote-friendly work culture with quarterly meetups, retreats, and socials.
• Generous time off, including wellbeing and volunteering days.

We look forward to your application.