DFIR Specialist Security Engineer

As limango we create a company which has been specializing in e-commerce for 17 years. Together with platforms in the Netherlands, Poland, Austria and Germany, we are part of the OTTO Group, one of Europe's leading e-commerce companies. We are the shopping platform with the largest selection of products for the whole family!

We work and play together. We value work-life balance and create a culture of respect, trust and equality. If these values are also key for you, there is a good chance that you will find your place with us.

What else you need to know?:

100% remote position with flexible working hours (once in a while visit in Munich or Wroclaw office will be expected)

Your role and main tasks

• Responding to information security alerts and incidents through all response phases
• Analysing IoCs, suspicious network and email communication
• Co-ordinating additional support in case of more complex incidents
• Collaborating with group-level incident response team and relevant authorities in Poland and Germany
• Seeking for optimal solutions (processes, tools, procedures) to improve overall response capabilities
• Weekend on-call expectations and hours?
• Approximately 2 days per month – typically uneventful
• Close collaboration with Otto – workshops in Hamburg twice a year
• Training/certification budget?
• 2-3 internal trainings, access to the RangeForce platform
• Opportunity to co-create the team from the ground up, significant impact on team operations and quick decision-making

You will need

• Professional requirements for the candidate:
• Previous experience in a similar role - ideally both on SOC L1 and L2
• Deep understanding of the end-to-end incident response process and cyber kill chain
• Working knowledge of MITRE ATT&CK framework and its real-life application
• Great understanding of MS Defender suite - mainly Defender for Endpoint and Defender for Office 365; KQL (Kusto) knowledge would be a great plus
• Working knowledge and experience in deployment of tools supporting incident response and digital forensics - such as FTK, Autopsy, Volatility, Wireshark, ExifTool, Snort, ...
• Working knowledge of ELK stack
• Fluency in English
• Bonus for any of the following certificates: GCFA, GEIR, GCIH, GNFA, SC-200, SC-300, ECIH
• Bonus for experience with cloud security incident response on AWS
• Bonus for German fluency
• Personal requirement for the candidate:
• Top communication skills - this role requires constant collaboration with variety of stakeholders - from non-technical junior employees, through senior engineers, up to the top-level management
• "I'm here to help" attitude
• Willingness to exercise own ideas, propose solutions, improve the environment.
• Experience with incident handling on AWS would be a Massive plus

Benefits

• Private healthcare
• We provide access to the best specialists for you and your loved ones.
• Language classes
• English and German lessons in small groups, tailored to your skills.
• Remote work and flexible working hours
• Possibility of partial remote work, as well as adjusting working hours to your daily schedule.
• Office in the center of Wrocław
• Nearby cinema, fitness club and a large selection of lunch places.
• Fruit Mondays
• There is no shortage of coffee, fruit, pizza, sweets and healthy snacks in our office.
• Company events in the best company
• After hours we often organize interesting outings or meetings in our office.
• What you can count for:
• Interesting and challenging work in the dynamic environment of the Internet industry - you will not get bored with us!
• The possibility of real shaping of the business - we value independence and delegate responsibility,

Gaining experience in an international team, operating in different European markets.