Incident Response and Forensic Analyst CSIRT Member
Incident Response and Forensic Analyst CSIRT Member
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Swiss Post Cybersecurity provides security solutions to protect digital assets and data all developed and operated in Switzerland. Formed in 2024 from terreActive and Hacknowledge we are a Swiss Post subsidiary headquartered in Aarau with offices in Morges Zurich and Luxembourg. We enhance cyber resilience with Swiss precision and innovation.
With more than 150 employees we pool our expertise and experience to drive cybersecurity forward. Join our growing team and defend the digital future with us!
We are looking for an Incident Response and Forensic Analyst to join our Incident Response Team immediately or by arrangement. The ideal candidate will bring solid expertise and experience to help protect our customers from cyberattacks.
Tasks
- Carify doubts about suspicious behaviors or confirmed incidents on workstations or information systems
- Assist clients in managing security incidents including APTs ransomware BECs and more
- Conduct proactive threat hunting to identify past or ongoing compromises
- Build and deliver training sessions in academic or professional environments
- Lead kickoff meetings and present clear and actionable analyses to clients (primarily in French or English)
- Provide pragmatic recommendations such as developing reconstruction plans for compromised environments
- Enhance team expertise by enriching methodologies sharing research (tools/articles/insights) and developing/testing tools
- Collaborating closely with the SOC to improve realtime detection capabilities
- Promote CSIRT activities through impactful publications
Requirements
- At least 3 years in SOC/CERT environment (including 2 years in participating in CSIRT/CERT activities) or handling advanced cyber threats (APTs ransomware BECs etc.)
- Deep understanding of operating system internals and/or reverse engineering techniques such as Windows systems (e.g Win32API or internals) Active Directory with GNULinux systems etc
- Familiarity with incident response tools and processes (e.g. Velociraptor KAPE Plaso).
- Proficiency in scripting or development to automate repetitive tasks such as intrusion detection scenarios
- Strong verbal and written communication skills in French (C1) and English (C1). German is a plus
- Bonus: Familiarity with MacOS mobile forensics (Android/iOS) or public cloud environments (Azure/AWS/GCP) is a plus
- Swiss residents only and willing to participate in 24x7 oncall duty with potential emergency travel to specific locations.
- Bachelors or Masters degree in a relevant field and/or certifications are a plus
Benefits
- Independent work in a small wellcoordinated team
- A central location in Morges with facilities all over Switzerland
- Flexible working hours and remote work options
- Time and budget for targeted internal and external training
We are filling this position without the help of external recruitment agencies.
Employment Type
Full Time
