Cybersecurity Incident Responder
2025-02-07
Sandvik's Cybersecurity Incident Response Team (SAND-CSIRT) is looking for an Incident Responder to join our team of defenders - helping us develop and handle complex cybersecurity incidents globally across our company. And when we say globally, we mean every corner of the world!
Shortly about us
The CSIRT team is part of our Cybersecurity Global Security Operations, along with our Sandvik SOC team and a Cybersecurity Attack Surface Reduction team. These teams collaborate to prevent and handle cybersecurity incidents, from detection to recovery, and work proactively in securing Sandvik through the service and product development cycle. You help identify the entry point of an attack, assess exposure and data extraction, and constantly evaluate our attack-surface and how to protect Sandvik in the best possible way.
About your job
In this position, you ensure an active safeguarding of our IT environment - effectively managing incidents to eliminate or minimize potential damage. In collaboration with the CSIRT manager and SOC, you enhance current processes and lead the technical work within complex and long running incidents to ensure the CSIRT function's effectiveness.
Furthermore, your detailed responsibilities include:
Conduct rapid analysis and evidence collection during incidents.
Stay updated on IT security trends through regular training, active participation in forums and networking with other incident handlers.
Assist in the development of new tools as well as adapt current; helping us perform our detection and respond quicker and better.
Collaborate with incident management, stakeholders and coordinate with other security personnel, including physical security staff, in security matters.
The location for this position is Stockholm.
Your profile
We're looking for someone with practical experience in a similar cybersecurity role, including experience of working with incident handling. You're proficient in SIEM tools and other security tools such as firewalls, antivirus, IDS and EDR. You have a few years' experience in digital forensics and a strong background in forensic computer science and penetration testing. Since we act on a global scale, you're efficient in both Swedish and English, verbally and in writing.
Following competences is beneficial:
Experience with CERT/CSIRT or SOC, and CISSP or equivalent certification.
SANS Incident Handling Training or equivalent.
Relevant academic education.
Experience with Read Team/Blue Team exercises.
As a person, you're analytical and strategic with an interest in new technology, and you drive initiatives and activities toward efficient solutions. You're also socially secure, sharing knowledge with your colleagues and communicating effectively with various parts of our organization.
Our culture
Our role is clear - through every action, every day, we make the shift and advance the world through engineering. We believe in an inclusive, equal and open-minded culture, and we nurture our diversities to form a solid foundation for achieving great results. Add fair and rewarding benefits, as well as many different career options. Are you intrigued? Visit our website, LinkedIn or Facebook page to get to know us further.
Contact information
For further information about this position, please contact Daniel Bergstrand, recruiting manager, daniel.bergstrand@sandvik.com
We've already decided on which advertising channels and marketing campaigns we wish to use, and respectfully decline any additional contacts in that matter.
Union contacts - Sweden
Malena Rackner, Unionen, +46 (0)70 242 33 90
Göran Norell, Akademikerföreningen, +46 (0)70 616 43 78
Peter Olsson-Andrée, Ledarna, +46 (0)70 222 48 55
Recruitment Specialist: Therese Rutqvist
How to apply
Send your application no later than February 24, 2025. Click apply and include your resume and cover letter in English. Please note that we don't accept applications by e-mail. Job ID: R0074959.
As we aim for a fair recruitment process, we utilize assessment tools to safeguard objectivity. When you apply for this job, you will therefore receive an invitation via email to a personality and logic ability test. Feedback comes immediately after the test has been completed and the selection process begins after the application deadline.
To learn more about our recruitment process, please visit our career site or contact HR Services at hrservices.sweden@sandvik.com
Sandvik is a global, high-tech engineering group providing solutions that enhance productivity, profitability and sustainability for the manufacturing, mining and infrastructure industries. We are at the forefront of digitalization and focus on optimizing our customers' processes. Our world-leading offering includes equipment, tools, services and digital solutions for machining, mining, rock excavation and rock processing. In 2023 the Group had approximately 41 ,000 employees and revenues of about 127 billion SEK in about 150 countries within continuing operations.
Detta är ett heltidsjobb.
