Senior IT-security Consultant

Do you have extensive incident response experience, a solid consultancy background and an extrovert positive attitude, then you might be the colleague we are looking for.

For our passionate team of highly skilled consultants we are looking for an incident responder, who has a proven track record of working with Enterprise customers and thrive in a dedicated market-leading, cutting-edge team, where your colleagues are passionate hardcore experts in defensive and offensive security.

Apart from your experience with incident response, we also expect that you are experienced and passionate about other areas within IT security consultancy, in particular, infrastructure penetration testing and web application testing.

Your focus:

The primary focus is to be part of our CSIS incident response team. The team assists customers with everything from smaller ransomware cases to targeted threats and compromises of entire large network with tens of thousands of machines. Your responsibility will also include various consultancy related projects. This could be penetration testing of web applications and infrastructure, investigation of customer networks for signs of compromise and from time to time running phishing campaigns, advising customers on windows security and giving recommendations on how to harden a network.

 Your experience:

We are searching for a candidate with at least 7 years of professional experience in incident response. Experience with large scale intrusions is required and you must have technical knowledge and experience in approaching an incident in a structured, professional and calm way. You are a person that can think out of the box and, at the same time, being able to support and communicate with the customers on all levels. Moreover, you will ensure focus, progress and timely results, getting the customers back to running their business.

Furthermore, you are having at least 4 years of work experience in offensive security, doing web application and infrastructure penetration tests.

We have a team of reversers standing by to help you with any malicious code you find, so reversing is not a requirement, but you need to be confident with dynamic malware analysis.

Minimum qualifications:

  • Knowledge of both Windows and Linux security
  • Experience with the full incident response process
  • Used to writing concise incident reports
  • Computer forensics
  • Penetration testing of web applications and infrastructure
  • Knowledge of enterprise network setups, network and windows domain
  • Understanding business demands
  • Ability to translate IT security risks into business risks and present them to non-technical people
  • Be available to travel with short notice
  • Be part of an on-call 24/7/365 duty plan
  • At least 7 years of IR experience from a previous job (either in large Enterprise or as a consultant)
  • Fluent verbal and written communication skills in English

We would also appreciate:

  • Relevant degree or certification(s) (BSc, MSc, GIAC, GCIH, GCIA, GPEN, GCFA, CISSP, OSCP)
  • Experience in code review (.net, c#, php)
  • Experience with large scale intrusions (10.000+ devices)
  • Network forensics
  • Memory forensics
  • Knowledge of EDR, SIEM and NIDS systems
  • Knowledge of Darktrace
  • Knowledge of using a SIEM system
  • Good communication skills in Danish

Working for us you will:

  • Become part of a strong, talented, diverse and passionate international team of colleagues
  • Be part of an inclusive, ambitious and relaxed environment with exceptional people
  • Be given both responsibility and flexibility to reach your goals
  • Work in a financially independent company
  • Have a competitive salary and personal benefits package

Full-time and permanent position available immediately


This position is currently open in our Consultancy team, located in Copenhagen, Denmark.

It is a requirement that you can show and uphold a clean criminal record. Also, it is an advantage if you have been security cleared by your National intelligence and security authority at level “Secret”.

Relocation to Denmark will be required if the successful candidates are currently located elsewhere.

To apply for this position, please e-mail your resume and a cover letter to:

Additional information about this position:
Please contact HR Director Tina Houlberg on +45 2535 9926

About CSIS:

We're an independent cyber security agency with a single focus - detecting and mitigating threats to protect our customers’ assets, brands and users. We create value by sharing our threat intelligence expertise and help protect some of the world's largest commercial enterprises.

We welcome diversity and attract candidates from all backgrounds, traditional and non-traditional. Whatever your age, gender, disability status, sexual orientation, religion, ethnicity or family circumstances, we make it our business to make sure you’re treated with fairness and respect, always.