Staff Cybersecurity Specialist – Incident Response (f/m/x)

Eye Security

Posted about 6 hours ago

About Eye Security

Eye Security provides cybersecurity with embedded cyber insurance solutions for organizations in Europe. Headquartered in the Netherlands, we already have over 170 FTEs and continue to grow internationally.

We combine cutting-edge technology with hands-on expertise to detect, respond to, and recover from cyber threats in real time. Our team brings together talent from intelligence, military, tech, and consulting backgrounds — all united by a shared mission: to make enterprise-grade cybersecurity accessible to every business, not just the big players.

At Eye, you’ll work on projects with an international footprint, solving real-world challenges and helping to build a safer digital future for our clients.

About this role

We are looking for a Staff Cyber Security Specialist (f/m/x) to strengthen our Incident Response and Security Operations capabilities. This is a senior individual contributor role for an experienced incident responder who enjoys solving complex security challenges and helping organizations navigate critical cyber incidents.

In this role, you will lead incident response engagements from investigation through recovery, working directly with customers during some of their most challenging moments. You will act as a trusted technical authority within the team, mentor less experienced responders, and help drive improvements across our security operations.


Unlike traditional consultancy environments, you will operate within a product-driven MDR organization serving more than 1,000 customers across Europe. This gives you the opportunity to work at scale, leverage large security datasets, and contribute improvements that strengthen protections across our entire customer base.


You will work with state-of-the-art security tooling while collaborating with security professionals from intelligence, military, consulting, national CERT, and technology backgrounds.

Alongside operational response work, you'll have opportunities to contribute to internal research initiatives, Bug Bounty Fridays, Capture The Flag events, and other technical projects that help push our capabilities forward.

This position is based in the Netherlands and reports directly to the Director of Security Operations.

What you will do

  • Act as a leading technical authority within Security Operations, taking ownership of strategic improvement initiatives and helping shape the future direction of our incident response and security operations capabilities.

  • Lead cyber incident response engagements from intake through recovery.

  • Act as the technical lead during investigations, coordinating response activities and driving outcomes.

  • Conduct forensic investigations to determine attack scope, root cause, and impact.

  • Support customers during active cybersecurity incidents and provide clear technical guidance.

  • Support MDR and Security Operations activities when not engaged in active incident response cases.

  • Work with internal and external stakeholders, including management, legal counsel, law enforcement, and regulators when required.

  • Mentor junior and medior responders and help raise the technical maturity of the team.

  • Contribute to the continuous improvement of incident response methodologies, playbooks, and operational processes.

What you will need

  • 6+ years of experience in cybersecurity with significant hands-on experience in Incident Response, Digital Forensics, Security Operations, or related disciplines.

  • Proven ability to independently lead and manage cybersecurity incidents end-to-end.

  • In-depth knowledge of Windows, Linux, and macOS operating systems, file systems, security architecture, and attack surfaces.

  • Strong knowledge of enterprise infrastructure, networking, and network security principles.

  • Experience with EDR platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, or similar technologies.

  • Knowledge of cloud environments and cloud security concepts across Microsoft 365, Azure, AWS, or Google Cloud.

  • Strong investigative and analytical skills with experience collecting and analysing evidence during security incidents.

  • Ability to communicate technical findings clearly to both technical and non-technical stakeholders.

  • Experience mentoring or coaching other security professionals.

  • Strong ownership, collaboration, and communication skills.

  • Fluency in English (internal working language).

  • Fluency in Dutch (required for client communication).

Nice-to-have

  • Experience developing scripts, tools, or automations to support investigations and response activities.

  • Experience conducting technical security research.

  • Knowledge of threat actors and attacker tactics, techniques, and procedures (TTPs).

  • Experience working in a CERT, CSIRT, MDR, or DFIR environment.

What we offer

  • A meaningful mission: protect organizations across Europe from real-world cyber threats

Job details

Workplace

Remote

Location

hybrid

Experience

SE
