IR Expert

At Obrela Security Industries, we are looking for a motivated Cyber Incident Responder to join our Cyber Incident Response team (CSIRT). You will support and participate in cyber major incident response operations for our clients worldwide, working alongside experienced team members to detect, analyse, and respond to major cyber threats. This is a hands-on role where you will gain exposure to real-world incidents and contribute to ensuring minimal business impact for our clients. This team is independent from the Obrela SOC and works closely with clients. Periodical travel is required.

Duties & Responsibilities

• Assist in the coordination (Onsite and Remote) of cyber incident response engagements, from initial detection to resolution, following service level agreements and best practices.
• Provide support to client teams during high-pressure situations under the guidance of senior responders.
• Work alongside experienced incident responders, gradually developing your skills in handling and analysing major security incidents.
• Help deploy tools and resources for investigating and containing incidents such as malware outbreaks, data breaches, or ransomware attacks.
• Contribute to communications with client stakeholders, preparing updates and documentation during incident response engagements.
• Participate in post-incident reviews and help prepare recommendations to improve clients' cybersecurity posture.
• Stay up to date on emerging threats and share relevant findings with internal teams and clients.
• Collaborate with internal teams, including business development, to support incident response efforts and contribute to client success.
• Work closely with OBRELA's CSIRT team on escalated security events.
• Engage in regular blue/purple team exercises and Capture The Flag (CTF) events to sharpen your skills.
• Participate in executing tabletop workshops and other proactive services for clients.
• Participate in a 24/7 365 on-call rota for major incidents alongside the rest of the team.

Requirements

• 2–3 years of experience in cybersecurity operations, preferably in a dedicated incident response team.
• Understanding of the Incident Response Lifecycle and the Attack Life Cycle (Kill Chain).
• Familiarity with host-based and network-based forensics for Windows and/or Linux systems.
• Basic understanding of common network protocols and attack vectors, such as windows domain attacks.
• Demonstrated interest in cybersecurity with participation in labs, exercises, or CTFs.
• Programming/scripting experience (e.g., Python, PowerShell, Bash) is a plus but not required.
• Bachelor’s degree in computer science, cybersecurity, or a related field, or equivalent practical experience.
• Strong communication skills and a desire to learn and grow in a collaborative environment.
• Excellent English communication skills, both verbal and written.
• Willingness to travel and support on-site response efforts as needed.

Benefits

• Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
• Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training
• Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds.
• A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding efforts. Our salaries and benefits package will keep you motivated throughout your career.