Cyber Incident Handling

Devoteam

8d ago

  • Job
    Full-time
    Junior Level
  • Consulting
    IT & Cybersecurity
  • Madrid

AI generated summary

  • You need 1+ years in cybersecurity, a relevant degree, incident response knowledge, risk management understanding, high English proficiency, and preferably certifications like CISSP or CEH, with financial industry experience.
  • You will analyze and manage cyber incidents, coordinate responses, document activities, conduct post-mortems, supervise team performance, and collaborate with stakeholders, ensuring service quality 24/7.

Requirements

  • 1+ years of experience in cyber security with a broad understanding of information security and previous experience as part of a CIRT, CSIRT or similar response team.
  • Degree in computer science, engineering or similar.
  • Knowledge of Incident Response and Handling methodologies – Experienced level.
  • Knowledge of cyber incident categories, incident response, and timelines for responses.
  • Knowledge of cyber defense and information security procedures and regulations.
  • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • High level of English.
  • One or more of the following certifications is desired: CISSP, CISA, CISM, CEH, OSCP, GCIH.
  • Experience in the financial/banking industry.

Responsibilities

  • Expertise to analyse, manage and investigate cyber incidents.
  • Handle and respond to cyber security incidents to ensure a comprehensive and cohesive world-class response: perform first triage activities; analyze incidents and determine their impacts; notify and escalate incidents according to their impacts; participate in the containment, eradication, and recovery of major incidents; document and keep track of every activity related to the incident response process.
  • Develop a post mortem analysis of systems and networks.
  • Manage complex cyber security incidents globally across the group. Become part of a world-class capability that will own, respond to and coordinate significant incidents, ensuring successful resolution and adopting lessons learnt to increase cyber resilience.
  • Orchestrate the necessary human and technical resources for the resolution of high impact cyber incidents.
  • Design and supervise an organized approach to address and manage the aftermath of a security breach or cyberattack in order to limit damage on internal systems, data, and networks and reduce recovery time and costs.
  • Drive continuous improvement in Santander's cyber response capability through your involvement in the cyber readiness programme across the Global Cyber Respond Team.
  • Review and coordinate projects related to the development and improvement of Incident Response plans, policies, and procedures, ensuring a consistent, professional and disciplined approach.
  • Participate in the cyber exercises programme to develop capabilities globally:
      • Design and execute focused development plans for entities and internal teams, addressing gaps in capability through innovative training solutions and cyber exercises, such as:
          • Live simulation / table top to test processes, such as critical business and technical playbooks.
          • Technical simulations, such as Cyber Ranges.
          • Skills labs on the use of cyber incident orchestration tools and threat intelligence platforms.
  • Preparation and final QA of incident reports and minutes oriented to senior management audience.
  • Contribute to the establishment of a strong and collaborative Global Community between Cyber Threat Units.
  • Collaborate with key stakeholders within the bank, such as Global Forensics, Global Security Operations Centre, Corporate Security & Intelligence, Global Cyber Fraud, and the Secure User Experience team, among others.
  • Be available to participate in the incident response procedure on a 24x7 basis, with 8-hour shifts and an on-call scheme.
  • Establish Delivery Processes.
  • Supervise team members' performance.
  • Distribute and assign the different projects and tasks.
  • Monitor, control and support service delivery.
  • Be accountable for the quality, availability and performance of the service.
  • Interest in new technologies and a "liking" for the subject of reporting.

FAQs

What is the main focus of the Cyber Incident Handling role at Devoteam?

The main focus is to analyze, manage, and respond to cyber incidents, ensuring a comprehensive and cohesive response to incidents while collaborating with various stakeholders.

What qualifications are required for this position?

A degree in computer science, engineering, or a similar field is required, along with 1+ years of experience in cybersecurity and a broad understanding of information security.

Are there any specific skills or knowledge required for the role?

Yes, required skills include knowledge of incident response methodologies, cyber incident categories, cyber defense procedures, risk management processes, and proficiency in English.

What certifications are recommended for candidates applying for this role?

Candidates are recommended to have certifications such as CISSP, CISA, CISM, CEH, OSCP, or GCIH.

What responsibilities does this role entail regarding incident response?

Responsibilities include first triage activities, analyzing incidents, participating in containment and recovery efforts, documenting incident responses, and developing post-mortem analyses.

Is this position part of a 24x7 support team?

Yes, this position requires participation in the incident response procedure on a 24x7 basis, including 8-hour shifts and an on-call scheme.

How does the role contribute to continuous improvement in cybersecurity?

The role drives continuous improvement by participating in the cyber readiness program and collaborating on the development of incident response plans, policies, and training exercises.

What is the importance of collaboration in this role?

Collaboration is crucial as this role involves working with key stakeholders across the organization, such as Global Forensics and Global Security Operations Centre, to ensure an effective response to cyber incidents.

Does the company have a culture of ongoing training and development?

Yes, the company emphasizes continuous training and certification for its consultants in the latest technologies and cybersecurity practices.

Experience in which industries is particularly beneficial for this position?

Experience in the financial or banking industry is particularly beneficial for candidates applying for this position.

Industry: Consulting
Employees: 10,001+
Founded Year: 1995

Mission & Purpose

Devoteam is a leading consulting firm focused on digital strategy, tech platforms, data and cybersecurity. By combining creativity, tech, and data insights, we empower our customers to transform their business and unlock the future. With 25 years’ experience and more than 10,000 employees across Europe, the Middle East and Africa, Devoteam promotes responsible tech for people and works to create better change.

Creative tech for Better Change