CSIRT Analyst

Do you have a passion for Cyber Security, especially advanced Managed Detection & Response (MDR)? Does Incident Response, Digital Forensics, Threat Hunting, Threat Intelligence and everything related to Cyber Security feel like second nature to you? Are you a Cyber Defender at heart, driven to strengthen the blue team and help organizations that are under attack? If you answered yes to all of these questions, you might be the perfect fit for our CSIRT Analyst role!

• You handle security alerts/incidents that have been escalated by the SOC Analysts (Tier
  2)
• You will handle security alerts and incidents together with your team
• You conduct DFIR assignments, including DFIR readiness assessments
• You participate in the weekly Threat Hunting duty to proactively chase threats through novel Tools, Techniques & Procedures (TTPs)
• You will perform compromise assessments to identify potential compromises and their scope
• You collect Threat Intelligence (IOCs and TTPs)
• You will contribute to Detection Engineering in SIEM, xDR.
• Together with the Red Team you will do Purple Teaming exercises to test and improve defenses
• You contribute to the creation of playbooks in SOAR
• You will co-write processes and procedures related to DFIR, Threat Intelligence, Threat Hunting.
• You will be part of our Incident Response on call service.

• At least 3-5 years of experience in a similar position.
• Significant hands‑on experience in disk, memory and log acquisition in a forensically sound manner, parsing and deep forensic analysis of extracted artifacts and professional post‑incident report writing
• A bachelor or master degree or equivalent through experience.
• A hands‑on and proactive mindset with a 'can do' mentality.
• Experience and/or interest in working with the following MDR tools: EDR (Crowd Strike Falcon, MS Defender for Endpoint, Sentinel One, ...), NDR (Vectra, Darktrace, ...), xDR (Crowd Strike Identity Protection, MS Defender for Office/Clouds Apps/Identity/...).
• Knowledge of Security Monitoring with SIEM technologies.
• A passion about the following security capabilities:
  Security Monitoring, Digital Forensics, Incident Response, Threat Intelligence, Threat Hunting.

CTG will consider for employment all qualified applicants including those with criminal histories in a manner consistent with the requirements of all applicable local, state, and federal laws.

CTG is an Equal Opportunity Employer. CTG will assure equal opportunity and consideration to all applicants and employees in recruitment, selection, placement, training, benefits, compensation, promotion, transfer, and release of individuals without regard to race, creed, religion, color, national origin, sex, sexual orientation, gender identity and gender expression, age, disability, marital or veteran status, citizenship status, or any other discriminatory factors as required by law.

CTG is fully committed to promoting employment opportunities for members of protected classes.