Cyber Security Incident Response Expert

Job Description & Summary

About the Team 

For us, SOC is not just a ticket or detections „washing machine “. We perceive incident response as a mandatory part of our services, along with other proactive activities such as: Threat Hunting, Threat Intelligence, Vulnerability Management, as well as post-incident activities like Forensic Analysis and more. 

Threat Management team consists of cybersecurity professionals focused on prevention of the cyberattacks via detection and responding to cyber threats. The key pillars consist of incident response, threat hunting, threat intelligence, security monitoring, vulnerability management, engineering and consulting services.  

About your manager 

Lubomír has over 10 years of cyber security experience with different projects related to mainly cyber security managed services, building and operating Security Operation Centers (SOC), Threat Hunting & Intelligence and Vulnerability Management. Lubomír is also responsible for team leading, project management, designing of cyber security managed services, creation and development of training plans and is a proven coach to train other team members or client staff. Outside of work, he is involved in teaching, science, and research at the University of Hradec Králové, where he guarantees and teaches the course Surveillance Systems and Forensic Analysis.

Job description & summary 

As an Incident Response Expert, you will serve as a Level 3 analyst and Subject Matter Expert (SME) withing the client's operations, specializing in security incident detection, analysis, investigation and Response. Your expertise will be pivotal in leading incident response efforts to ensure timely containment and eradication of security threats. In this role, you can expect a balanced mix of long-term client engagements in operations, alongside ad-hoc projects – based assignments focused on pure incident response, threat hunting, and breach Discovery, all aimed at fortifying client security and resilience.  

This is a senior role, and its additional responsibilities may include continuous improvement of the Threat Management team tradecraft and capabilities as well as sharing knowledge, mentoring and training junior colleagues. 

Requirements of the role 

• 4+ years of relevant professional experience. 

• Consistent, reliable and professional personality, capable of working within international & diverse teams. 

• Previous CERT/CSIRT/DFIR/SOC (or equivalent) experience highly desired. 

• In depth understanding of varied attack vectors and adversaries’ Tactics, Techniques & Procedures (TTPs) up to the level of Advanced Persistent Threats (APTs). 

• Excellent understanding of one or more Operating Systems (Linux, Windows, …). 

• Ability to work under pressure during major security incident response situations as well as attention to detail during post-breach investigation. 

• As an Incident Response Expert, you will lead technical investigations and recovery efforts in response to cybersecurity incidents, conducting forensics, and identifying compromised systems. Previous experience in incident response is essential. 

• Ability to lead investigations in compromised environment without any previous knowledge of the environment for major incidents (eg. ransomware, APTs). 

Nice to have 

• Hands-on skills within the information security field, with special focus towards Security. 

• Information and Event Management (SIEM) tools like Splunk, QRadar, Arcsight or ELK. 

• Working knowledge of the Endpoint Detection and Response (EDR) tools. 

• Experience with Cyber Threat Intelligence integration into SOC environment & operation. 

• Previous consulting experience in the global enterprise environment.

• Industry recognized certifications either in the area of general information security or focused. 

• Towards Threat Management can be plus. 

• Deeper experience in any (or more) of the following areas: 

- Security/Network Analysis 
- Incident Response 
- Cyber Threat Intelligence 
- Threat and Vulnerability Management 
- Digital Forensics 
- SIEM solutions 

Our Benefits and Fun  

• Concentrated experience and rapid career growth. It may sound like a platitude, but it really is. 

• Flexible working hours. 

• Fair salary plus paid overtime and annual bonus. 

• Paid time off 20 + 5 days, 3 wellbeing days and 2 extra days off from the company at the end of the year. 

• High-end Ultrabook and iPhone with unlimited data. 

• Benefit program with 45.000 points that you can use for holidays, education, food vouchers, sports, health... Simply on what you enjoy.  

• Support for your education and development: business and digital skills training (e.g. Alteryx, Power BI, Tableau), ongoing training and certification, for example in Microsoft (Azure, PowerApps), project management (Prince2, PMI), service management (ITIL), agile development (Scrum, SAFe), DAMA, Salesforce, coaching and presentation skills and more. We pay for technical certifications and the time you spend studying them.  

• Opportunity to work in the future at a foreign PwC office, for example in the USA, Canada and there are others in the selection.  

• Extra-work activities and Away Days (team building, etc.).  

• Regular feedback on your work, also consultation with a coach with whom you can address your further development and career direction. 

Check us out on: Cyber & Privacy | Czech Republic

PwC is the largest audit team in the Czech Republic, but also law, tax, consulting and technology, data or forensic teams. Find out how easy it is to combine this knowledge when you're in the right place. With us, you will get the opportunity to see how business is done in large companies. We are part of an international network of companies with more than 364,000 colleagues in 151 countries. At PwC, we create an inclusive work environment where everyone can be themselves and find their place and opportunity to develop. This year, we have successfully maintained the prestigious Equal Pay Certification, making us one of only four companies in the Czech Republic (and the only one from the Big 4) that demonstrably implements fair compensation practices regardless of gender. 

Ochrana osobních údajů pro žadatele o zaměstnání  / Privacy Statement for Recruitment Applicants  

#LI-EK1