Incident Manager

Already experienced in the world of cyber security? New to it all, but genuinely interested? Well, at NVISO we might be looking for you and we’d love to have a chat

Who are we?

**It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.

So what does this mean in practice? What do we actually do?
- Defining the overall cyber security strategy (e.g. building out and delivering an awareness program)
- Offensive security services such as red teaming and penetration testing
- Building and securing cloud-native architectures
- Emergency support such as incident response / forensics when organizations are breached
- Managed services such as Managed Detection & Response and Vulnerability Management
- Highly tailored / niche cyber security work in for example ICS environments

The list is not exhaustive and our very own NVISO Labs is continuously investigating new possible services or new ways to tackle the rapidly changing problems in cyber security

As a proudly European company, we currently have offices in Belgium (Brussels), Germany (Frankfurt and Munich) and Greece (Athens). Technically, we are present in many more towns and cities, as our people often work from home too.

Emergency support such as incident response/forensics when organizations are breachede Break Barriers, We Care and No BS

Tasks

What will you do?

You have a strong interest in cyber security and believe the following to be applicable to you?

As a Cyber Strategy consultant in Culture, you will assist our smaller and larger customers with the overall reinforcement of their security posture. Typical engagements include (but are certainly not limited to):

- Develop, maintain and improve processes, procedures and documentation related to security detection, response and incident management in concordance with group policies.
- Help maintain central understanding of the organization’s security detection capability across a heterogeneous IT landscape (e.g. which SIEM use cases, covering which platforms/resources, what logging, alerting, etc).
- Help maintain central understanding of the organization’s security response capability across all security detection inputs/channels (e.g. playbooks/procedures for SIEM use case alerts, etc).
- Conduct analyses to check effectiveness of security response capability, identify gaps and propose improvements in the processes and structure.
- Closely collaborate with infrastructure and security operations teams to obtain up-to-date information on security detection related configurations (e.g. CMDB, SIEM configuration, EDR config, Azure/AWS alert configuration, etc) and security response related information (e.g. security incident tickets).
- Support/Implement increase of the security detection & response capability in new environments (e.g. moving the IT landscape to the cloud).
- Perform deep dive analysis to identify recurrent improvement actions, ensure that the security incidents are managed according to the adequate procedures.
- Measure and analyse key performance indicators (KPI) related to security incident management and propose improvement improvements where needed.
- Participate to governance of several topics related to IT and information security.
- Ensure the security operations teams know where to find appropriate documentation and provide guidance and training on security topics if necessary.
- Provide regular reporting on the current status of the security incident management performance and evolution to the Chief Security Officer.

**Requirements**:

- Eligible for NATO CLEARANCE
- Knowledge and understanding of incident management and incident response processes and ticketing tools.
- Knowledge and understanding of security related tools (SIEM, SOAR, EDR, AV, Proxy, FW, DLP,)
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x
- Strong analytical skills to analyse security requirements and relate them to appropriate security controls.
- An understanding of operating system internals and network protocols.
- Experience developing and maintaining policies, procedures, standards and guidelines.
- Ability to manage multiple projects, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.

**Benefits**:
At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

- Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security c