Senior Incident Response Specialist (m/f/d)
Munich, Poland
Sportradar
Sportradar is the world’s leading sports technology company, at the intersection between sports, media and betting.Company Description
We’re the world’s leading sports technology company, at the intersection between sports, media, and betting. More than 1,700 sports federations, media outlets, betting operators, and consumer platforms across 120 countries rely on our know-how and technology to boost their business.
Job Description
LOCATION: Work onsite in Vienna, Ljubljana, Sevilla, or Munich
WORK TYPE: Hybrid remote and onsite (3 days office, 2 days remote)
Job Description:
The Senior Incident Response Specialist will serve as a senior member of the Security Operations Center within the Information Security team, leading incident response and proactive threat hunts. This position requires a hands-on, expert-level professional responsible for proactively detecting, investigating, and responding to complex threats against the organization’s environment, particularly with applications and cloud infrastructure.
The Senior Incident Response Specialist will work closely with a diverse range of stakeholders to ensure any threats are quickly and effectively contained and any incident is brought to a rapid resolution. They will be responsible for managing incidents in strict alignment with relevant frameworks, such as NIST or ISO, and any applicable regulatory requirements, maintain adherence to organizational standards and compliance mandates. This role is critical in protecting the organization’s assets and improving its overall threat detection and response capabilities.
THE CHALLENGE:
- Act as the primary point of contact for incident response within the SOC, taking ownership of incidents from detection through to remediation.
- Collaborate with threat intelligence teams to incorporate emerging threat data and integrate relevant indicators of compromise into hunting and detection practices.
- Perform forensic analysis on systems, applications, and cloud environments to trace the origin, scope, and impact of incidents.
- Develop and refine detection rules, incident response playbooks, and investigation workflows to strengthen SOC capabilities and improve incident response effectiveness.
- Ensure comprehensive documentation of threat hunting and incident response activities, providing detailed reporting on investigative findings, lessons learned, and recommended remediation steps.
- Lead proactive threat hunting activities, identifying and investigating potential threats and vulnerabilities within the organization’s environment.
- Stay current on new threats, vulnerabilities, and attack techniques, especially those targeting web applications and cloud services, and incorporate this knowledge into SOC processes.
YOUR PROFILE:
- 5+ years of experience in a SOC, with a strong focus on incident response and threat hunting.
- Proven experience investigating and mitigating threats targeting web applications and cloud infrastructure (specifically AWS).
- Deep experience conducting analysis of data from a diverse range of data sources using a SIEM.
- Demonstrated expertise in performing forensic investigations and root cause analyses for complex incidents.
- Experience with SIEM platforms, endpoint detection and response tools, and network traffic analysis.
- Strong understanding of attack frameworks (e.g. MITRE ATT&CK) and the ability to apply them to threat hunting and incident response.
- Experience creating detection rules, playbooks, and workflows to improve SOC detection and response efficiency.
Desired Experience:
- Applying the results of previous incidents and threat hunting activities to creating new detection use cases.
- Hands-on experience with AWS security services, such as GuardDuty, Security Hub, CloudTrail, and IAM configurations.
- Familiarity with securing web applications, including common vulnerabilities (e.g. OWASP Top 10) and mitigation techniques.
- Proficiency in scripting languages like PowerShell and Python.
- Experience working within agile or continuous improvement environments.
Desired Qualifications:
- Strong analytical skills, with the ability to handle high-pressure situations and manage complex security incidents from start to finish.
- Effective communication skills, with the ability to produce clear, concise documentation and interact effectively with both technical and non-technical stakeholders.
- Certifications in relevant fields, such as GCIH, GIAC, GCFA, AWS Certificated Security, CISSP, or equivalent.
OUR OFFER:
- A collaborative environment with colleagues from all over the world (Offices in Europe, Asia and US).
- Involvement in shaping your own workday and career through high degree of freedom to choose technology and your personal development.
- The opportunity to work and develop within an inspiring and fast-growing company.
- The possibility to help shaping the future of Sportradar. All developers are directly contributing to products used by our clients in the global sports business.
- A company culture that promotes kindness, sports, physical exercise and teamplay.
- Innovative and cross-team challenges like Ship-It, office sports tournaments in Darts, Table Tennis and Table Football.
- Competitive salary and benefits (e.g. retirement pension and insurance plan)
- Possibility to work from home office when needed.
- Vibrant Women in Tech community and Sportradar Pride group inside the company inclusive for everyone to participate in
While we value the opportunities to work from home, we truly believe that being together, and sharing ideas, opportunities, trials and tribulations with teammates make us stronger and more innovative – individually and as a company. We strengthen the fibers of our Company each and every day, just by being together. For this reason, we operate a hybrid model where we are in the office 3 days a week.
The minimum monthly salary for this position is according to the Collective Bargaining Agreement, overpayment will be considered depending on qualifications and working experience.
We relocated to our office near the Nordbahnviertel in the 2nd district of Vienna in Q1/2024. Due to the top inner-city location, we are excellently connected to the public transport network and the cycle path network and are therefore very easy to reach. In addition, we offer our employees a state-of-the-art infrastructure near the center of the most livable city in the world.
Buckle up, hold on tight and get ready for an incredible adrenaline-rush throughout this exciting ride with us: #maketheteam and shape your future as well as ours!
Additional Information
At Sportradar, we celebrate our diverse group of hardworking employees. Sportradar is committed to ensuring equal access to its programs, facilities, and employment opportunities. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. We encourage you to apply even if you only meet most of the requirements (but not 100% of the listed criteria) – we believe skills evolve over time. If you’re willing to learn and grow with us, we invite you to join our team!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile AWS CISSP Cloud Compliance EDR GCFA GCIH GIAC IAM Incident response MITRE ATT&CK NIST OWASP PowerShell Python Scripting SIEM SOC Threat detection Threat intelligence Vulnerabilities
Perks/benefits: Career development Competitive pay Insurance Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.