Cyber Security Expert - Digital Forensics Incident Response

Your Qualifications:

  • 3+ years of experience in Cyber Security Operations, Incident Handling, Digital Forensics or Malware Analysis
  • Certification(s) as GIAC Certified Incident Handler (GCIH), Forensic Analyst (GCFA), Forensic Examiner (GCFE), or other equivalent technical certifications
  • Prior experience in Digital Forensics Incident Response (DFIR) or malware analysis will be an advantage 
  • Evidence collection and management knowledge, including chain of custody and ideally an understanding of Swiss banking secrecy and EU data protection and privacy themes commonly encountered during incidents and investigations
  • Helpful, although not essential, experience with network or application penetration testing, exploit writing or participation in red team exercises
  • Working knowledge of hacking, malware and adversary tactics, techniques and procedures and how they apply to intelligence-driven defence
  • Proven knowledge in network protocols, including TCP/IP, operating systems (Windows and Unix) and scripting languages (such as Python, Perl, Bash, PowerShell)
  • Experience with security products such as Antivirus, IDS, IPS, Firewalls, Proxy, SIEM, Log Management and Splunk
  • Knowledge and familiarity with enterprise architecture and networks, virtualisation and cloud technologies
  • Ability to work under high pressure and in stressful situations
  • Fluent in English, German nice to have

About the role:

  • Responsibility to contribute positively to the TSS Threat Detection and Response service, working as a member of the Cyber Security Incident Response Team (CSIRT)
  • Coordinating and leading incidents and investigations, including the engagement of other teams and Business Partners through containment, eradication and recovery
  • Searching with indicators of compromise to identify and discover other affected assets
  • Analysing log and other data sources to investigate the nature of an incident or investigation, establishing the impact, root cause and indicators of compromise
  • Conducting Digital Forensics Incident Response (DFIR) activities to remotely triage and analyse systems
  • Analysing malware, including static and dynamic analysis
  • Cooperation with Cyber Security Operations teams such as the Security Operations Center, Cyber Threat Intelligence, Security Analytics and Vulnerability Management

Are you ready for a new challenge and available immediately in Zurich? We look forward to receiving your application in MS-Word on For any questions, please contact us: +41 44 485 44 99.