Senior CSIRT Analyst (all genders)

THE ROLE & THE TEAM
 

Security Incidents have a high potential to cause a severe business impact on the organization. They often involve ambiguity, complexity, and the need for off-playbook approaches and solutions to manage unprecedented problems. Flexibility, fast movement, and the ability to reduce complex situations to individual components to allow action-taking are key during such situations. 

The Senior CSIRT Analyst coordinates task forces to respond to major Information Security Incidents. They act as a primary point of contact for all parties involved and contain, eradicate, and recover Information Security Incidents.

Most of their time, they will work during core business hours but also regularly on-call outside of business hours and on weekends.
 

Most of their time, they will work during core business hours but also regularly on-call outside of business hours and on weekends.
 

INCLUSIVE BY DESIGN
 

At Zalando, our vision is to be inclusive by design. And this vision starts with our hiring - we do not discriminate on the basis of gender identity, sexual orientation, personal expression, ethnicity, religious belief, or disability status. You are welcome to leave out your picture, age, or marital status from your application. We only assess candidates on their qualifications and merit. 

We want to provide you with a great candidate experience. Feel free to inform us of any accommodations you may need, so we can best support you throughout the hiring process. 

do.BETTER - our diversity & inclusion strategy: https://corporate.zalando.com/en/our-impact/dobetter-our-diversity-and-inclusion-strategy 

Our employee resource groups: https://corporate.zalando.com/en/our-impact/our-employee-resource-groups 
 

WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)

• Drive Incident response activities together with a task force through the entire Security Incident Lifecycle;

• Coordinate the investigation activities of involved Cybersecurity Analysts;

• Partner with engineering teams and other on-call staff to drive the investigation and response and facilitate swift decision-making;

• Interact with platform partners on 3rd party Incidents to evaluate the potential impact on Zalando;

• Steer stakeholder communication on the highest level, keeping stakeholders in a close loop and serving as the primary point of contact throughout the entire Incident Response Lifecycle; You interact directly with senior executives, equipping them with critical information required for swift decision-making;

• When not managing Incidents, you continuously improve our monitoring coverage, respond to security alerts, and design and execute tabletop exercises to ensure all CSIRT members and Stakeholders understand their roles and can execute their responsibilities during an Incident.
   

WE’D LOVE TO MEET YOU IF

• You have 5+ years of working experience as a Cybersecurity Analyst, raising business-critical decisions during major Incidents;

• You have excellent communication skills, verbal and written, and a proven track record for dealing with the most senior stakeholders;

• You have the ability to size up a situation, assess the effectiveness of various tactics, and make rapid decisions on appropriate courses of action on major Incidents; 

• You have experience in security monitoring, detection, and analysis methodologies and technologies, including network-based intrusion detection systems, extended detection and response solutions (XDR), web application and network firewalls, and SIEM solutions;

• You can convince with working knowledge of protecting assets on AWS and working with Kubernetes on AWS. Preferably, you gained experience with AWS native security tools. Also, monitoring a Google Workspace environment is ideally part of your previous experience.

• You have gained an in-depth understanding of the MITRE ATT&CK Framework, the Cyber Kill Chain, and NIST. 

If you think you have what it takes, we encourage you to apply even if you don't meet every single requirement. You may just be the right candidate for this or other roles!
 

OUR OFFER
 

Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.

• Employee shares program

• 40% off fashion and beauty products sold and shipped by Zalando, 30% off Zalando Lounge, discounts from external partners

• 2 paid volunteering days a year

• Hybrid working model with 60% (or more) remote per week, actual practice is up to each team to best support their collaboration

• Work from abroad for up to 30 working days a year

• 27 days of vacation a year to start

• Relocation assistance available (subject to prior agreement)

• Family services, including counseling and support

• Health and wellbeing options (including Gympass)

• Mental health support and coaching available

Learn all about Zalando and our values here: https://jobs.zalando.com/en/?gh_src=22377bdd1us