Cyber Incident Responder

European Bank for Reconstruction and Development (EBRD)

November 20, 2025 | January 4, 2026 | Sofia, Bulgaria
About the European Bank for Reconstruction and Development (EBRD)
The European Bank for Reconstruction and Development (EBRD) was established to help build a new, post-Cold War era in Central and Eastern Europe. The EBRD is committed to furthering progress towards ‘market-oriented economies and the promotion of private and entrepreneurial initiative’.
Job Description
Job Posting Organization:
The European Bank for Reconstruction and Development (EBRD) is a pioneering international financial institution that was established in 199
The EBRD's mission is to foster the transition towards open market-oriented economies and promote private and entrepreneurial initiatives in countries across Europe, Asia, and beyond. With a workforce that reflects a diverse range of backgrounds, the EBRD operates in over 30 countries, providing financial and technical assistance to support sustainable development. The organization is committed to inclusiveness, innovation, trust, and responsibility, which are core values that guide its operations and interactions with stakeholders.

Job Overview:
As a Cyber Incident Responder at EBRD, you will play a critical role in safeguarding the organization against cyber threats. This position requires a proactive and analytical mindset, as you will be responsible for deploying advanced cloud-centric detections and tuning SIEM/SOAR engines to enhance the organization's security posture. You will collaborate closely with threat hunters and intelligence teams to identify and mitigate threats in real time, ensuring that the organization remains resilient against cyber attacks. Your expertise will be essential in producing forensic reports, refining incident response playbooks, and continuously evolving the detection and response capabilities of the Security Operations Center (SOC). This role is ideal for individuals who thrive in high-pressure environments and are passionate about cybersecurity and incident response.

Duties and Responsibilities:
The Cyber Incident Responder will be tasked with a variety of responsibilities, including but not limited to: deploying cloud-centric detection mechanisms to identify threats in cloud environments; correlating activities across various assets and environments to detect anomalous behavior; reviewing alerts and data from security sensors and documenting formal incident reports; collaborating with threat intelligence and threat-hunting teams; providing incident response support to network subscribers; assisting in the development of business continuity and disaster recovery plans; managing and tuning the SIEM system; and participating in an on-call rota for after-hours support. Additionally, the responder will work closely with Managed Security Service Providers (MSSPs) to coordinate incident management and resolution efforts.

Required Qualifications:
Candidates must possess a strong understanding of cybersecurity principles and practices, particularly in relation to cloud security. Familiarity with incident response frameworks such as NIST CSF and MITRE ATT&CK is essential. The ideal candidate will have experience with SIEM and SOAR tools, as well as expertise in incident response tools and methodologies. Strong analytical skills, the ability to communicate complex technical issues clearly, and a proactive approach to problem-solving are critical for success in this role. Candidates should also have a solid understanding of security automation tools and techniques to enhance the efficiency of the SOC.

Educational Background:
A bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required. Advanced degrees or certifications in cybersecurity (such as CISSP, CISM, or CEH) are highly desirable and will be considered an asset.

Experience:
The position requires a minimum of 3-5 years of experience in cybersecurity, specifically in incident response and threat detection. Candidates should have a proven track record of managing security incidents and implementing effective incident response strategies. Experience working in a cloud environment and familiarity with cloud security best practices is also essential.

Languages:
Fluency in English is mandatory, as it is the primary language of communication within the organization. Knowledge of additional languages, particularly those spoken in the EBRD member countries, is considered a plus and may enhance a candidate's application.

Additional Notes:
This position is a fixed-term contract lasting for 3 years. The EBRD promotes a hybrid working model, encouraging employees to collaborate in person at least three days a week. The organization values diversity and inclusion, welcoming applications from all qualified candidates regardless of their background. Competitive benefits and a focus on employee wellbeing are integral to the EBRD's workplace culture.