Incident Responder

About Ekco

Founded in 2016, Ekco is one of the fastest-growing cloud solution providers in Europe

We specialize in enabling companies to progress along the cloud maturity journey, managing transformation, and optimizing their existing technology investments.

In short, we take businesses to the cloud and back

We have over 1000 talented and supportive colleagues across regional offices in the UK, Ireland, Benelux, South Africa, and Malaysia.

The Role

As a Cyber Incident Responder (Systems Specialist), you will be crucial in incident investigations and infrastructure recovery, focusing on system isolation, restoration, and hardening. You will join a high-performing CIRT team supporting clients during and after cyber incidents to ensure secure and resilient network operations.

Incident Response is a demanding, time-sensitive role, often likened to emergency services due to its urgency and unpredictability. Responders are the first line of defense during cyber crises, requiring extended hours, rapid decisions, and flexibility, including nights, weekends, and holidays, to restore normal operations.

The role's intensity peaks during active incidents but is balanced by recovery periods and downtime, allowing responders to recharge.

Objective of This Role

Lead crisis efforts during cyber incidents, working on systems in various compromised states to assist security investigations, and on recovery tasks such as isolating, rebuilding, securing infrastructure, restoring data, and implementing preventative controls. You will also support the Network & Investigation teams with escalations and contribute to documentation and knowledge sharing. Pre- and post-crisis, you'll help improve our services through better tooling, processes, and documentation, including proactive measures to enhance customer response capabilities.

The ideal candidate

This role suits individuals who can quickly understand a customer's environment—often without detailed documentation—and can identify and implement architectural changes in real time according to our methodologies. Candidates must be based in Ireland, able to attend in-office workshops as needed, and capable of rapid travel nationally and internationally during crises.

Key Requirements

Strong knowledge of:

• Microsoft products: Windows Server (including AD, CA, RDS, WSUS, GPM, IIS, Failover Clustering), Exchange, SCCM, SharePoint
• M365 suite, Azure, Intune, Entra ID (Azure AD), SharePoint Online
  • VMware: vSphere (vCenter, ESXi, VMs), vSAN, NSX
    • Virtual Desktop environments: Citrix (Controllers, StoreFront, Gateway, Cloud Connectors), Azure Virtual Desktops (AVD)
      • RMM tools: Ncentral's N-Able, Connectwise, or other PSA with RMM capabilities
      • Disaster recovery planning and testing

Exposure to:

• Linux (RHEL, Ubuntu, Debian)
• Networking concepts: TCP/IP, DNS, DHCP, VLAN, VPN, load balancing, firewalls
• Server hardware: Dell, HPE, Lenovo, hyperconverged nodes
• SAN, NAS, enterprise storage (Dell, Pure, NetApp)
• SSL certificate management
• Monitoring tools: icinga, OpsGenie, PRTG, Nagios, Solarwinds Orion, N-able, Nodeping, or similar
• PowerShell scripting
• Docker and Kubernetes
• Site-to-site replication: Zerto, SRM, or similar
• Backup software: Veeam, Commvault
• ITIL framework and change control

You'll also have:

• Excellent troubleshooting, communication, and customer service skills
• Ability to prioritize, work under pressure, and collaborate
• Eagerness to learn, develop, document environments, processes, and policies

Benefits/Perks

• 25 days leave + public holidays
• 1 day birthday leave per year
• Company pension scheme (5% employer contribution) + flexible salary sacrifice
• Employee Assistance Programme (EAP) for mental health, wellbeing, and advice
• EkcOlympics — a global fun activity
• Unlimited access to Pluralsight learning platform
  • Opportunities for responsibility and international growth

Why Ekco

• Microsoft's 2023 Rising Star Security Partner of the Year
• VMware & Veeam top partner status
• Ranked 4th fastest-growing tech company in Deloitte Fast50
• Committed to diversity, equality, inclusion, and belonging
• Support for internal mobility and development
• Flexible, family-friendly working environment