Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe!
We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our clients’ existing technology investments.
️ In a few words, we take businesses to the cloud and back!
We have over 1000 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Ireland, Benelux, South Africa & Malaysia.
The Role
As a Cyber Incident Responder (Systems Specialist), you will play a critical role in incident investigations and infrastructure recovery, focusing on system isolation, restoration and hardening. You’ll be part of a high-performing CIRT Team responsible for supporting clients during and after cyber incidents, ensuring secure and resilient network operations.
Incident Response is a demanding and time-intensive role, often likened to emergency services in its urgency and unpredictability. When a cyber crisis occurs, Incident Responders are the first line of Defense, mobilized immediately to contain, investigate, and remediate the issue. These moments require extended hours, rapid decision-making, and a high degree of flexibility, often working through nights, weekends, and holidays to restore normal operations.
The intensity of the role peaks during active incidents, where the workload can be relentless and the stakes high. However, this is balanced by periods of recovery and downtime once the immediate threat has been resolved. During these quieter phases, Incident Responders are afforded well-earned time off to recharge, recognizing the toll that crisis response can take.
Objective of This Role
To lead crisis efforts during cyber incidents, working on systems in various compromised states to assist the security investigation, while also working on recovery elements, including isolating, rebuilding and securing infrastructure, restoring data, and implementing preventative controls. You will also support the Network & Investigation teams with escalations and contribute to documentation and knowledge sharing. Pre & Post Crisis you will contribute to the improvement of our service through better tooling, processes, documentation and knowledge sharing including performing some pro-active functions to enable customers to improve their ability to respond.
The ideal candidate
This role is well-suited to individuals who can rapidly develop a comprehensive understanding of a customer's environment—often in the absence of detailed documentation—and are capable of identifying and implementing architectural changes in real time in line with our methodologies. They need to be located in Ireland, can come to an office to workshop with the team as is needed and can travel nationally and internationally quickly in the event of a Crisis.
Key Requirements
Strong knowledge of: Microsoft products: Windows Server, including key enterprise roles and features (AD, CA, RDS, WSUS, GPM, IIS, Failover Clustering), Exchange, System Center Configuration Manage (SCCM) and SharePoint
M365 suite of products, Azure, Intune, Entra ID (Azure AD), Sharepoint Online.
VMware products: vSphere (vCenter, ESXi and VMs), vSAN, NSX,
Virtual Desktop environments: Citrix (Controllers, StoreFront, Gateway, Cloud Connectors), Azure Virtual Desktops (AVD)
RMM Tooling: Ncentral’s N-Able, Connectwise or other PSA with RMM capabilities
Disaster recovery planning and testing
Exposure to:
Linux (RHEL, Ubuntu, Debian)
Networking concepts, such as TCP/IP, DNS, DHCP, VLAN, VPN, load balancing, and firewalls
Server hardware (Dell, HPE, Lenovo), including hyperconverged nodes
SAN, NAS or other enterprise grade storage (Dell, Pure, Netapp).
SSL certificate management
Monitoring tools (such as icinga, OpsGenie, PRTG, Nagios, Solarwinds Orion, N-able, Nodeping or similar)
PowerShell scripting
Docker and Kubernetes
Site-to-site replication software (Zerto, SRM or similar)
Backup software such as Veeam and Commvault
ITIL framework and change control
You’ll also have:
Great troubleshooting, communication and customer experience skills
Ability to prioritize work, work under pressure and as a part of a team
Eagerness to learn and develop, to help customers and colleagues, and to document environments, processes and policies
Benefits/Perks
️ Time off - 25 days leave + public holidays
x1 day Birthday leave per year
Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
️ EkcOlympics - a global activity for fun!
Learning & development - Unlimited access to Pluralsight learning platform
A lot of responsibilities & opportunities to grow (also internationally)
Why Ekco
️ Microsoft’s 2023 Rising Star Security Partner of the year
VMware & Veeam top partner status
Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
We recognise the value of internal mobility and encourage opportunities for internal development & progression
Flexible working with a family friendly focus are at the core of our company values