Skip to main content
100 years and 71 days since the five-day weekRead the story

Incident Response Specialist

4 x 9hr days100% payHybrid · Napoli, Italy

Overview

You will work in an international, dynamic and growing context, in a key technical role within the Bank's CSIRT. In the Incident Response team, you will coordinate and manage complex incidents, providing technical guidance and specialized support, collaborating with the Bank's technical and critical functions to resolve events across different areas involved, from technical and operational aspects to business impacts, operational continuity and regulatory compliance. You will also contribute to post-incident analysis and incident readiness, strengthening processes, playbooks and response capabilities.

What will your activities be

  • Coordinate and manage high-complexity and critical incidents, ensuring the effectiveness of containment, eradication and recovery actions, in coordination with the technical functions involved
  • Evaluate events submitted to the CSIRT by other Event Management functions, defining severity and priority and directing actions in line with company processes and policies
  • Oversee advanced technical analysis (log correlation, EDR/SIEM analysis, timeline reconstruction, evidence analysis), directing and validating the team's investigative activities
  • Support and direct containment and response activities, identifying necessary support functions and coordinating mitigation and recovery activities even in multi-stakeholder scenarios
  • Support the management of incidents with potential impacts on Business Continuity, collaborating with competent functions for the assessment of operational impacts, activation of planned measures and service restoration
  • Manage and validate tracking and reporting activities to different stakeholders, including top management, ensuring quality, completeness and consistency of information
  • Support liaison with external counterparts (e.g. national CSIRT, Public Authorities, specialized vendors and suppliers), preparing and validating necessary technical elements
  • Coordinate and facilitate post-incident analysis activities, including root cause identification, lesson learned definition and proposal of corrective and preventive actions
  • Support the planning and execution of incident readiness simulations, including exercises with impacts on operational continuity, involving the various Bank functions and ensuring formalization of outcomes and improvement actions

Who we are looking for

If you have the following characteristics, we are waiting for you:

  • 5-10 years of experience in cyber security, Incident Response and Cyber Security
  • STEM degree (Computer Engineering, Computer Science, Cyber Security or related fields)
  • Excellent knowledge of English (written and oral)
  • Consolidated experience in Incident Response / CSIRT / SOC teams in complex contexts; experience in the financial sector is a preferred qualification
  • Advanced and constantly updated knowledge of cyber threats and main TTPs
  • Advanced knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks, and ability to apply them in event classification/analysis
  • In-depth knowledge of Incident Response frameworks and guidelines (e.g. NIST, ENISA, CISA)
  • Solid experience in the use of security systems (e.g. SIEM, UEBA, SOAR, EDR/AV, Scanners, Proxy, WAF, IDS, Forensic tools) and ability to tune/optimize use cases
  • Strong understanding of security implications and investigation methodologies on common IT components: networks, operating systems, basic infrastructures, application environments and web technologies
  • Knowledge and experience in programming or scripting languages (e.g. Python, C/C++, Java) aimed at automations, data analysis and support to investigative activities
  • Knowledge of Business Continuity principles and management of events with operational/service impact, in relation to cyber incidents

The following knowledge represents a preferred qualification:

  • CISSP, GCIH, GCFA/GFCA, GREM, GCIA certifications

What we offer you

  • Gross annual salary starting from €50,000

  • The Group provides a variable component of remuneration as regulated by the Remuneration Policies available on the Group website

  • Complementary elements governed by the National Collective Labor Agreement for Credit and second-level company agreements

  • Professional development initiatives to support the growth of our people

  • Extensive training offer through the Corporate Academy dedicated to continuous development of professional, managerial and transversal skills at all levels

  • Possibility to adopt flexible work and 4x9 short week

  • Modern and integrated company welfare system (link)

  • Health coverage and supplementary pension from the date of hire

  • Advantages on products and services of the Group's banks

Who we are

We are a leader in Italy and one of the main banking groups in Europe. Join us and be part of our success story! With over 20 million customers in Italy and abroad, we are a true engine of sustainable growth with a strong commitment to the environment and tangible impact on society.

People are at the center, we take care of them by committing to create an inclusive culture within the Group in which everyone feels like a protagonist and valued.

The Chief Security Officer Governance Area oversees in an integrated manner the physical security, information security and operational continuity of the Group, leveraging specialized expertise and advanced technological solutions, with the objective of ensuring high international security standards.

The Area includes the structures of Security Staff, Group Security Planning & Models Monitoring, Corporate and Physical Security and Cybersecurity, Antifraud & Business Continuity Management, ensuring a coordinated and cross-functional approach to Group protection.

Join our international reality. The future doesn't wait, you choose it!

#sharingfuture

We guarantee an inclusive environment and equal opportunities. We will consider all applications regardless of race, religion, sexual orientation, gender identity, marital status, age, disability or any other protected category in compliance with D.lgs. 198/2006, 215/03 and 216/03.

For the evaluation of applications, data will be used by Intesa Sanpaolo S.p.A. as Data Controller. We invite you to review the dedicated Privacy Notice.