Security Incident Responder
- Solna, Sweden
Snow’s mission is to stop organizations overpaying for the software they use, today and tomorrow. We help organizations optimize software availability, compliance and cost savings through delivery of on premise and cloud-based Software Asset Management solutions. Today we are the largest and most successful dedicated developer of SAM solutions with staff all over the world in regional locations. To sustain our explosive growth, we are looking for the brightest, and most highly-skilled people who have their best work ahead of them. Now is the right time to join Snow.
You will analyze disparate pieces of technical and non-technical information, from a variety of sources and in many peculiar formats, in order to quickly and accurately assess the scope, severity and potential impact of a security issue or vulnerability, or event, or incident and to work with other internal (3rd party security partners) teams to take appropriate action on a timely basis and at times, under pressure.
You will be part in assessing the effectiveness of security and risk management controls, to detect security issues, events and incidents (attacks, intrusions) and to be able to recommend appropriate and proportionate actions to keep data and operations, as well as customer data safe.
- Monitor, react to, investigate and respond to all real or perceived information security and cyber-related events, issues, incidents, threats, and attacks within desired time scales.
- Be familiar with, and or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, standard security operational procedures (SOPs), and practices to protect the enterprise and educate fellow colleagues where necessary
- Perform analysis for data acquired through observability, SIEM, produce actionable insights and begin to gather a timeline of events
- Determine the severity of alerts and security vulnerabilities, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation
- Run aux or war room efforts to focus efforts on isolation, forensics, and maintaining contact with key stakeholders and the company's DPO and legal council. Notify ICO, via Security Manager and CIO
To succeed in this role you must have
- Experience of being able to prioritize activities based on a changing threat and risk landscape
- Demonstrable experience in the delivery of Security Operations, Incident management, and response
- Familiarity with Microsoft Azure Cloud IAAS/PAAS and CNCF – Cloud Native Technologies (K8S, Nats streaming, Micro-services, Sumologic, IdP and Oath solutions, Open Data Telemetry stds) and particularly their security protection capabilities
- Knowledge of penetration and threat testing methodologies and approaches, including external test targets eg OWASP, NIST
- Carry out Real-Time monitoring of security systems and telemetry (logs, alerts) and other information (eg threat intelligence feeds) supplied by various tools and systems: Firewalls, Intrusion Detection and Prevention Systems, Log Monitoring, Traffic Inspection, Anomaly detection, and SIEM through Observability Platform such as Sumologic
This is a chance for you to accelerate your career and succeed in an environment where you will have the possibility to make a daily impact. Every day you will get to work alongside helpful and down-to-earth colleagues who are dedicated and ambitious. We fully recognize that it is our employees that make Snow a success and the global leader in the development and delivery of dedicated SAM solutions. If you are the right person for the role we will offer you exciting and developing assignments and you will get to be part of a fantastic journey within a dynamic high-growth business.