Job offers

Senior Digital Forensics and Incident Response Expert

Warsaw

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging the strengths and best practices of both companies.

ET&S S.A. belongs to the ET&SM technology holding of ERGO Group AG, supporting millions of internal and external customers with state-of-the-art IT solutions to everyday problems. We are dedicated to bringing digital innovations to every aspect of the insurance landscape. Discover how we are implementing AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more to accommodate our customers’ future needs around the globe. See how you can be a part of the digital revolution and apply to join us today!

About the role

The Cyber Security Incident Response Team (CSIRT) of the ERGO Group AG will roll out a Compromise Assessment and Rapid Response (CA&RR) tool for various customers. The tool of choice is the Thor APT Scanner from Nextron Systems, which will enable the ERGO Group AG to get a holistic view of current threats and to hunt down potential attackers. Furthermore, the Thor APT scanner will create new possibilities and capabilities to react to those threats for the whole ERGO Group.

In your function, you will support the CA&RR project during the project phase. During this phase, you will be responsible for managing initial scans, training the first-level analysts and supporting the project lead for the whole build-up phase. Furthermore, you will be responsible in all phases for the second-level analysis of anomalies. If there is a need for follow-up activities and collection of evidence, you will be responsible for coordinating the evidence collection between the different international teams. In case of a security incident, you will also have the responsibility to develop and operationalize rapid response plans together with the other teams. In addition, you will develop YARA rules based on your analysis and assure the quality of the threat hunting process and the correct grouping of anomalies into so-called cases using Thor APT in the customer’s environment. Moreover, it is within your responsibility to develop a proper reporting framework as well as to evolve the needed processes on a continuous basis.

How you will get the job done

In short, your tasks will be:

  • scan management for a Compromise Assessment and Rapid Response (CA&RR, Thor APT scanner) tool for various customers in the ERGO group
  • development of rule-sets (i.e. custom YARA rules)
  • development of rapid response playbooks
  • 2nd level analysis – Quality assurance of 1st level analysis and supervising of scoping activities
  • deeper analysis of 1st level findings in the CA&RR tool
  • analysis of highly sophisticated attacks and malware
  • definition and application of containment strategies
  • presentation of results and recommendations for different levels, i.e. for upper management and technical teams such as the Security Operation Center (SOC), the Incident Response (IR) team and the Digital Forensics (DFIR) teams
  • supporting remediation measures
  • development of internal and external reporting
  • supporting Service Management for customer satisfaction
  • mentoring the 1st level team and holding trainings for the other teams

Skills and experience you will need

  • fluent in English
  • proven experience in the IT security area
  • at least 5 years of hands-on experience with hardware/software tools used in incident response, computer forensics, network security assessments
  • mastering internals of Windows and Active Directory environments
  • strong memory analysis skills
  • strong Linux and macOS forensic skills
  • strong network and systems analysis skills
  • strong ability to work in a multinational and complex environment
  • ability to coordinate people in different locations and at different stakeholder levels
  • ability to present complex facts concisely for different stakeholder levels
  • ability to stay focused, keep calm and work under high stress
  • must have a thorough understanding of network protocols, network devices, computer security devices, secure architecture, and system administration
  • mastering at least one programming language
  • being an innovator, creative, passionate, independent and motivated to make a difference and help reduce cyber risk for ERGO Group

Nice to have

  • Bachelor / Master in IT / Business IT / Computer Science or similar education
  • Certified in CISSP, GCFA, GCIA, GCFE, GNFA, GREM, GCIH or equivalent

Why work with us?

Let&s be fit

We realize that most of us need assistance to stay in shape and good health. That's why we provide every employee with medical package coverage and co-finance a sports card. Additionally, we support a number of sports sections, and you can even join our yoga team in the summer to practice yoga on the roof!

Let&s be balanced

Work-life balance is essential for us. That's why we offer our employees flexible working hours, pet-friendly offices, and if you would like to stay with your pet at home, a remote work environment. However, it won't be easy to stay at home with our in-office gaming room.

Let&s be smart

Staying up-to-date with all the new systems and technologies is not an easy task. That's why we have an extensive offer of training and workshops, both in-house and with external providers. We organize hackathons and meetups, which are an excellent opportunity for our specialists to showcase their expertise. On top of that, we offer digital learning platforms, language courses, and a library.

Let&s be responsible

We love to see the difference we make together with our CSR projects. That's why we are always open to new projects, and we would love to include you in our next charity event!

Let&s be fun

At ET&S we love not only to work but also to relax together. Sports events like a company-wide bike race, or maybe a film marathon in our cinema room? Don't worry; we've got it covered! Maybe you have a passion and would love to make an event out of it? Sure! We will help you!

Let&s be diverse

At ET&S we create a working environment free of prejudice and exclusion. Each member of our team can experience being valued, regardless of his or her gender, nationality, religious beliefs, disabilities, age, and sexual orientation or identity. Your wide range of qualifications, experiences, and ways of thinking are of great benefit to us!
