Incident Responder

Incident Responder - Systems SME at Bluecube Technology Solutions - An Ekco Company. Location: Dublin - Ekco. Hybrid.

Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe. We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our clients' existing technology investments.

In a few words, we take businesses to the cloud and back We have over 1000 highly talented and supportive colleagues across regional offices in the UK, Ireland, Benelux, South Africa & Malaysia.

As a Cyber Incident Responder (Systems Specialist), you will play a critical role in incident investigations and infrastructure recovery, focusing on system isolation, restoration and hardening. You'll be part of a high-performing CIRT Team responsible for supporting clients during and after cyber incidents, ensuring secure and resilient network operations.

Incident Response is a demanding and time-intensive role, often likened to emergency services in its urgency and unpredictability. When a cyber crisis occurs, Incident Responders are the first line of Defense, mobilized immediately to contain, investigate, and remediate the issue. These moments require extended hours, rapid decision-making, and a high degree of flexibility, often working through nights, weekends, and holidays to restore normal operations. The intensity peaks during active incidents and is balanced by periods of recovery and downtime with time off to recharge.

To lead crisis efforts during cyber incidents, working on systems in various compromised states to assist the security investigation, while also working on recovery elements, including isolating, rebuilding and securing infrastructure, restoring data, and implementing preventative controls. You will also support the Network & Investigation teams with escalations and contribute to documentation and knowledge sharing. Pre & Post Crisis you will contribute to the improvement of our service through better tooling, processes, documentation and knowledge sharing including performing some pro-active functions to enable customers to improve their ability to respond.

This role is well-suited to individuals who can rapidly develop a comprehensive understanding of a customer's environment—often in the absence of detailed documentation—and are capable of identifying and implementing architectural changes in real time in line with our methodologies. They need to be located in Ireland, can come to an office to workshop with the team as is needed and can travel nationally and internationally quickly in the event of a Crisis.

Strong knowledge of:

• Microsoft products: Windows Server, including key enterprise roles and features (AD, CA, RDS, WSUS, GPM, IIS, Failover Clustering), Exchange, System Center Configuration Manage (SCCM) and SharePoint
• M365 suite of products, Azure, Intune, Entra ID (Azure AD), Sharepoint Online.
• VMware products: vSphere (vCenter, ESXi and VMs), vSAN, NSX
• Virtual Desktop environments: Citrix (Controllers, StoreFront, Gateway, Cloud Connectors), Azure Virtual Desktops (AVD)
• RMM Tooling: Ncentral's N-Able, Connectwise or other PSA with RMM capabilities
• Disaster recovery planning and testing

Exposure To

• Linux (RHEL, Ubuntu, Debian)
• Networking concepts, such as TCP/IP, DNS, DHCP, VLAN, VPN, load balancing, and firewalls
• Server hardware (Dell, HPE, Lenovo), including hyperconverged nodes
• SAN, NAS or other enterprise grade storage (Dell, Pure, Netapp)
• SSL certificate management
• Monitoring tools (such as icinga, OpsGenie, PRTG, Nagios, Solarwinds Orion, N-able, Nodeping or similar)
• PowerShell scripting
• Docker and Kubernetes
• Site-to-site replication software (Zerto, SRM or similar)
• Backup software such as Veeam and Commvault
• ITIL framework and change control

You'll Also Have

• Great troubleshooting, communication and customer experience skills
• Ability to prioritize work, work under pressure and as a part of a team
• Eagerness to learn and develop, to help customers and colleagues, and to document environments, processes and policies

Benefits/Perks

• Time off - 25 days leave + public holidays
• x1 day Birthday leave per year
• Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
• Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
• EkcOlympics - a global activity for fun
• Learning & development - Unlimited access to Pluralsight learning platform
• A lot of responsibilities & opportunities to grow (also internationally)

Why Ekco

• Microsoft's 2023 Rising Star Security Partner of the year
• VMware & Veeam top partner status
• Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
• Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
• We recognise the value of internal mobility and encourage opportunities for internal development & progression
• Flexible working with a family friendly focus are at the core of our company values

Department Technical Delivery | Locations Dublin - Ekco | Remote status Hybrid