(Senior) Incident Responder 80 - 100%
As a (Senior) Incident Responder, you are part of the baseVISION CSIRT and respond to reported security incidents. You support affected companies or institutions in containing and mitigating damage and in managing the aftermath of security incidents. During quieter periods, you stay up to date on new attack techniques and relevant threat landscapes in order to continuously optimize existing processes and tools.
What awaits you
- You lead and handle incident response operations during cyberattacks on our customers.
- You conduct in-depth forensic analyses, collect and preserve artifacts, and investigate a wide range of on-premises, system, and cloud environments.
- You document incident response cases in a structured, precise, and audience-oriented manner in written final reports.
- You collect and analyze threat actor behaviors (TTPs) and derive indicators of compromise (IoCs).
- You perform proactive threat hunting activities to protect our customers.
- You work closely with analysts from the baseVISION SOC and enable them to contribute to more complex cases.
- You contribute to the development and operation of our forensic and incident response infrastructure.
- You actively propose ideas to improve tools, automation, and processes.
- You advise organizations on incident response preparedness and support them in increasing their maturity level.
- You support our security analysts within the MXDR service and assist with escalations and deeper technical analyses.
What we expect
- Several years of hands-on experience as an Incident Responder or Security Analyst in a CDC/SOC environment.
- Education or training in digital forensics and/or incident response, including practical application of relevant methods and tools.
- Knowledge of malware analysis and reverse engineering techniques.
- Curiosity and a fast grasp of evolving threat landscapes.
- Experience with tools such as forensic agents, EDR/XDR, and SIEM solutions.
- Knowledge of the Microsoft security stack, particularly KQL.
- Willingness to learn, combined with an innovative, motivated, and flexible working style.
- Strong team skills as well as the ability to work independently.
- Ability to work accurately and with focus under pressure.
- Willingness to participate in on-call duty.
- Professional appearance when dealing with stakeholders and the ability to present technical topics in a clear and understandable way.
- Very good German and English language skills.
- DFIR-related certifications (e.g., GCIH, GCFA, GEIR, GREM, or equivalent) are an advantage.
baseVISION as employer
You can expect a future-oriented role in an innovative company with a dynamic team. You will take on a high level of personal responsibility and actively contribute your own ideas.
A high degree of autonomy and a varied range of tasks support your continuous professional development. You will benefit from modern employment conditions and the opportunity to work remotely and from home. At baseVISION, almost anything is possible.
Apply now
Is this just the right challenge for you? Then we look forward to receiving your application. Prepare your CV, motivation letter and other supporting documents and click on “I am interested” to start the application process.
No applications from recruitment agencies
Please note that we do not accept applications from recruitment agencies. We prefer to have direct contact with potential candidates and kindly request your understanding regarding this requirement.
Thank you!