On behalf a market leading company with a globally recognised brand, Swisslinx are looking for a Cyber Security Incident Responder with AWS experience to join a mid sized Cyber Defense team in St Gallen on a contract basis (initially six months with chance of extension) starting ASAP. The role offers 50% WFH, however there exists the option to work fully remote. As a key member of a diverse team you will be engaged in project related tasks, as day to day incident response.

This will include the following:
Manage and lead the efforts of response to complex attacks against the company globally
Help to improve the security incident response processes on our growing cloud and on-premises environments.
Support investigations and bring them to resolution or escalate to system owners in Global-IT.
Report the outcomes of incident handling to senior management.
Write scripts, playbooks, detection logic, and work on orchestration and automation our target system landscape (including SIEM, SOAR, EDR)

As the perfect candidate you will possess the following skills and experience:
Minimum of 4 years' experience in Security Incident Response or related fields, encompassing threat hunting, intrusion analysis, and cyber threat intelligence. Proficiency in conducting DLP investigations and insider/external threat investigations. Expertise in threat hunting leveraging inputs from CTI (Cyber Threat Intelligence) for identifying APTs (Advanced Persistent Threats), threat actors, and advanced techniques and tactics. Familiarity and adherence to MITRE and SANS incident response frameworks and best practices.
Hands-on experience or comprehensive knowledge of SIEM (Security Information and Event Management), XDR (Extended Detection and Response), SOAR (Security Orchestration, Automation, and Response), EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention)/NDR (Network Detection and Response) platforms.
Fluency in English

Desirable Skills/Good to have:
Background in digital forensics.
Experience in cybersecurity engineering.

Certification:
CISSP, GCIH, GSEC, FOR EC-Council's Certified Incident Handler (ECIH), SEI Computer Security Incident Handler (CSIH) would be advantageous.
Familiarity with Microsoft security technology stack, including Purview.

Please note interviews would be conducted via video call (max two rounds), however the role is based 100% in Switzerland.

Our client offers:
Multicultural company where English is the main language
Competitive rate based on candidate expectations/experience
The opportunity to work in a diverse and international environment with a strong team spirit and personal atmosphere
Very stable company with great market reputation
Opportunity for growth and development within the company
Flexible working with 50% WFH (possibility to work fully remote)
Are you interested to work in an international environment in a market leading company with great growth prospects for the future? Then apply now! We look forward to receiving your full application.

By applying for this position, I consent to the Swisslinx Group of companies:
- storing my personal information (including name, contact details, Identification and CV information etc.) on their internal or external Servers for the purpose of informing me of potential employment opportunities
- using my personal information or
- supplying it to third parties upon express consent for the purpose of informing me of potential job opportunities
- transferring where applicable my personal information to a country outside the EEA/EFTA

I also hereby agree to the Swisslinx privacy policy and Terms of Use