Principal Cyber Security Expert - Germany

Eye Security is a fast-growing cybersecurity and insurance company founded by ex-Military and Secret Service employees. We are on a mission to cyber-protect every organisation in Europe.  Eye Security is actively expanding its current Managed Detection and Response (MDR) & Incident Response (IR) services to Germany. The current team consists of around 20 highly qualified experts working from Eye's headquarters in The Hague. This team supports our MDR customers in the SOC around the clock and is ready to provide IR services when needed. All IR experts are multidisciplinary and support our clients with (potential) cybercrime incidents, such as business email compromise, ransomware attacks and espionage.

Due to our expansion into Germany, we are looking for a Principal Cyber Security Expert to perform Incident Response at clients that are dealing with (potential) cyber incidents. Aside from that you will be actively involved in the MDR team, ensuring that our clients stay safe.

What you will do:

• Incident Response and research: As a Principal Cyber Security Expert, you will travel around the country to conduct IR and support IR cases outside of Germany if required. You will be in close contact with the head office in order to optimally achieve the targets yet to be defined in Germany. In downtime you will support the MDR team and you have time to dive into cool research topics which will make impact at our customers and can be used for marketing purposes (e.g. Eye Anti Spoofing Tool)

• Ownership: You will have a high degree of ownership and responsibility for the incident response and technical research initiatives for Germany

• Stakeholder engagement: You will work with internal and external stakeholders, including senior management, legal, law enforcement and regulators to coordinate incident response and ensure compliance with legal and regulatory requirements in Germany

• Continuous improvement: You are ready to use your expertise to continuously optimize our incident response team through initiatives, best practices and new technologies and to effectively leverage lessons learned from past incidents

• Senior-level cybersecurity experience: You have at least 6 years of technical experience in cybersecurity with a focus on Incident Response, Digital Forensics and Threat Intelligence. In addition, you have in-depth knowledge of the ever-changing cybersecurity landscape and threat actors, including their tactics, techniques and procedures (TTPs). Finally, you have a proven ability to explain deep and complex technical concepts and their implications to stakeholders. Previous experience with red-teaming and/or penetration testing is an advantage.

• Network in Germany: You have an established network within the cybersecurity community in Germany, with a solid understanding of the local threat landscape, regulatory environment and industry trends.

• Track record: Proven track record of effectively managing and responding to cybersecurity incidents, including experience in conducting digital forensic investigations and leading incident response efforts.

• Autonomy: You are a self-motivated and proactive individual who is able to work independently and take initiatives, and is committed to continuous learning and professional development.
• Language skills: Fluency in written and spoken German and English.

• Technical Requirements:
  - In-depth knowledge of Windows/Linux/Mac operating systems, how they work and the corresponding file systems, security architecture and attack surfaces;
  - Knowledge of (cloud) infrastructures, cloud security and their attack surfaces (Microsoft 365, Azure, AWS, Google Cloud, etc.);
  - Knowledge of IT infrastructures, network architecture, network hardware, network protocols and network security;
  - Operational experience with EDR products such as CrowdStrike Falcon, Sentinel One and Windows Defender for Endpoint;
  - In-depth knowledge of multiple programming and/or scripting languages; ability to write simple tools in an appropriate language to perform e.g. investigations, automation of response tasks, collection of forensic artefacts or analysis of evidence data.