CSIRT Member
80
100
Aarau|Aargau|AG|Switzerland|CHE
Informatics and digital business
Applicants with professional experience
Job Description
Swiss Post Cybersecurity AG
74114
Information at a Glance

Due to a rapidly growing volume of engagements, we are looking for an Incident Response and Forensic Analyst to join our Incident Response Team. The ideal candidate brings solid expertise and hands-on experience to help protect our customers from cyberattacks. 

Join our team and defend the digital future with us!   

Your tasks   

  • Investigate and triage suspicious activity on workstations and information systems, from initial doubt to confirmed incident. 

  • Assist clients in managing security incidents, including APT intrusions, ransomware, BEC, data exfiltration, insider threats, web application compromises, phishing and credential theft, etc. 

  • Conduct proactive threat hunting to identify past or ongoing compromises. 

  • Lead kick-off meetings and present clear, actionable analyses to clients. 

  • Collaborate closely with the SOC to improve real-time detection capabilities. 

  • Contribute to the full range of team activities, including tabletop exercises and threat intelligence. 

  • Enhance team expertise by enriching methodologies, sharing research (tools, articles, insights), and developing and testing tools. 

  • Build and deliver training sessions in academic or professional environments. 

  • Promote CSIRT activities through impactful publications. 

Your skills   

  • At least 3 years in a SOC/CSIRT environment, including 2 years of hands-on incident response involving advanced threats (APT, ransomware, BEC). 

  • Deep understanding of operating system internals and/or reverse engineering (Windows internals, Win32 API, Active Directory, GNU/Linux), as well as hands-on forensics and incident response in public cloud environments (Azure/AWS/GCP, including M365/Entra ID). 

  • Familiarity with incident response tools and processes (e.g. Velociraptor, KAPE, Plaso). 

  • Proficiency in scripting or development to automate repetitive tasks, such as intrusion detection scenarios. 

  • You are willing to work at our office in Aarau and participate in a 24/7 on-call rotation, with potential emergency travel to customer sites. 

  • Fluency in German and strong English skills are a must. Knowledge of French is a plus.

 

Job Ref: bkNYT0leekVZXl9GS15DRUQQSVlDWF5qWVpJWQRJQg==

Swiss Post Cybersecurity AG:

  • Half Fare Travelcard or contribution to a GA Travelcard

  • Attractive pension fund solution offering three different savings plans

  • Minimum five weeks' holiday with increasing number of holiday days according to years of service

  • Time and money budget for further education/training

  • Free mobile phone subscription
 
Kevin Allan Meyer

      Contact.

      Questions about your application.

      Martin Bütikofer
      Recruiting
      +41 58 667 05 35