Senior CSIRT Specialist

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging both companies’ strengths and best practices. As a part of ERGO Technology & Services Management AG, the technology holding of ERGO Group AG, we support millions of internal and external customers with state-of-the-art IT solutions to everyday problems.

In October 2022, ET&S S.A. expanded its scope of operations by creating a Business Services unit to contribute in a new way to the growth of ERGO’s business. Acting as a co-partner and internal consultant, it adds non-IT value and supports the development of the entire ERGO Group, currently offering skills in reporting, analysis, actuarial, and input management. We are committed to fostering innovation and meeting the evolving needs of our clients worldwide.

Discover how we implement AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions, and business-related services to anticipate and address our customers’ future needs.

About the role

Cyber threats are constantly evolving, and we need experts to stay ahead. At ERGO Technology & Services, we’re looking for a Senior CSIRT Specialist to lead the security incident response process, support technical investigations, drive remediation, and strengthen our cyber resilience. You’ll play a key role in advancing ERGO’s security incident response maturity. If you’re passionate about protecting critical systems in a dynamic environment, we encourage you to apply.

How you will get the job done

• leading the overall incident response process, ensuring effective technical management and communication throughout
• proposing and coordinating rapid response actions to address security threats
• conducting and facilitating the incident response meetings with stakeholders and relevant teams
• tracking and coordinating the tasks performed by technical responders
• participating in technical investigations on an as-needed basis, primarily to support the team during high-demand periods
• defining and applying containment strategies
• driving remediation measures during security incidents
• preparing incident reports that detail incident response activities and technical results from investigations
• improving incident response playbooks and documentation
• identifying necessary actions during the entire security incident management process
• mentoring and supporting the development of junior team members

Skills and experience you will need

• fluency in written and verbal English
• excellent communication and interpersonal skills
• more than 5 years of hands-on experience with hardware/software tools used in incident response, computer forensics, network security assessments
• deep knowledge in the IT & IT security area including network protocols, security technologies, security architecture, cyber security threats and vulnerabilities
• proven experience in cyber security incident management including but not limited to ransomware attacks, data breaches, and infrastructure compromise
• strong knowledge about threat landscape including APT groups and attack tactics, techniques, and procedures
• deep expertise in incident documentation, incident reporting and transforming technical information to senior management language
• understating of security risk and mitigation strategy for IT infrastructure
• strong knowledge about security processes, standards, and frameworks (SANS, NIST, etc.)
• strong ability to work in a multinational and complex environment
• ability to coordinate people in different locations and at different stakeholder levels
• ability to stay focused, keep calm and work under pressure
• strong analytical and problem-solving skills

Nice to have

• Bachelor or Master degree in IT/Business IT/Computer Science or similar area
• CISSP/ GCFA/ GCIA/ GCFE/ GNFA/ GREM/ GCIH/ CISM or similar certification
• scripting skills (Python, Visual Basic, Bash,  Powershell, etc.)