Cyber Threat Specialist
We're looking for highly motivated individuals to join SumUp’s Information Security team as a Cyber Threat Specialist. This role will cover a wide range of security disciplines across a wide spectrum of sources and locations. The candidate will perform tasks associated with Forensics, Threat Hunting, Incident Response, security analytics, and threat intelligence. The candidate will have experience working in cloud environments. You will assist in leading the forensics, threat hunting, & incident response initiatives, build and improve tools and methodology and add value to the rest of the efforts of the information security team. The ideal candidate will enjoy mentoring and training junior members.
What you’ll do:
Performing host/network/cloud-based forensic investigations
Performing incident response with internal and external parties
Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence
Drafting incident reports tailored for management and technical peers
Maintaining and continuously improving the standard incident response and threat hunting toolkits
Monitor and analyze security events in a hybrid network
Analyze a variety of application, network and system security logs to determine the correct remediation actions
Conduct proactive research to detect new attack vectors
Review threat intel, industry and vendor security alerts for vulnerabilities and security issues. Work with other internal and external teams to mitigate issues based on vendor advisories and best practices
Research and identify key indicators of malicious activities on the network and end user workstations
Implement security improvements by assessing the current situation, evaluating market trends and anticipating requirements
Analyze IT footprint in production areas, assess related security level and develop and implement security measures
Develop, document and manage the threat hunting and incident response strategy
Mentor junior members and contribute to awareness trainings
You’ll be a great fit for this role if you have:
A degree in IT or a comparable training with professional experience in the relevant area
One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas
Experience as a network forensics analyst in cloud networks
Several years of experience as an Incident Responder
Experience developing and managing incident response programs
Experience working within a Security Operations Center or equivalent experience performing computer security incident detection & response activities
Expertise in Security Information and Event Management tools
Working knowledge in the area of infrastructure security tools such as firewalls, network security monitoring, anti-malware, OS hardening, etc.
Knowledge of common application/system vulnerabilities, threat actors and mitigations
Good project management skills
Excellent communication skills, both oral and written, are required to interface with other employees, both technical and nontechnical
Exceptional service skills, including the ability to interact professionally with a diverse group of internal customers a
Why you should join SumUp
You'll have the opportunity to make an impact as we work in flat hierarchies
You'll have the space to drive your career here and take ownership of projects
You’ll work as part of a diverse, international team
You’ll attend regular team events
We believe in the everyday hero. Those who have the courage to follow their passion and who have the strength and determination to realize their dreams.
Small business owners are at the heart of all we do, so we're creating powerful, easy-to-use financial solutions to help them run their business. With a founder’s mentality and a team-first attitude our diverse teams across Europe, South America, and the United States work together to ensure that small business owners can be successful doing what they love.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.
SumUp will not accept unsolicited resumes from any source other than directly from a candidate.