Visma Software SRL - Sibiu Visma Software SRL - Sibiu Visma Software SRL - Sibiu Visma Software SRL - Sibiu Visma Software SRL - Sibiu

Cyber Security Incident Responder


Do you like defending computer systems and keeping attackers out of the company environments? Do you like being a superhero, fighting crime and solving puzzles?

Then this job is for you!

Visma’s GSOC (Global Security Operation Center)  is looking for a passionate and skilled Cyber Security Incident Responder that will be in charge of investigating cyber security incidents, threat hunting and developing cyber-attack related countermeasures.

You will be a member of the Security Operation Centre and your skills and contributions to manage Visma security will be very visible. You must love to innovate, analyse data, improve detections, perform digital forensic and reverse engineering  and to help team members and receive help from them. 

The team is international so you will use English both written and orally. 

If the descriptions above fit you, and you can check several of the following bullets, we can offer you very interesting work and competitive terms.

The current position is located in Sibiu, Timișoara and Iasi, Romania



  • Master’s or Bachelor's degree in related fields (Engineering, Computer Science, Mathematics), preferably in Information Security with an overall minimum of 5 years of relevant experience

  • In depth knowledge of processes, research and performance analysis capabilities

  • Effectively cope with change; comfortably adjust to alterations in work activities; able to decide and act with limited information; effectively handle risk and uncertainty in ambiguous situations

  • Demonstrated resilience, diplomacy, influence, relationship building, and problem solving skills in a variety of situations

  • Highly effective written and oral communication skills, excellent interpersonal skills and experience dealing effectively with a wide range of people

  • Fluency in Business English is required

  • Customer oriented behaviour

  • Fast learner - research capabilities for obtaining required information.

  • Relevant experience in:

    • Operating systems and computer networks administration

    • Knowledge of technical infrastructure, networks, databases and systems in relation to information security and risk management

    • Experience in security engineering, computer and network security, authentication, security protocols and applied cryptography

    • Experience in monitoring networks using a variety of tools to identify potential intrusions

    • Experience in performing Cyber Security Incident Response

    • Experience in  Threat Hunting

    • Experience in Forensics

    • Experience in Malware Reverse Engineering

  • In-depth technical knowledge within information security areas:

    • SIEM detection and monitoring (able to report, prioritise, triage, track  and analyse logs/events)

    • Cyber Security Incident Response

  • Experience in implementing security solutions, vulnerability testing, risk analyses and security assessments is an advantage



  • Monitor the company networks, systems and application security solutions to identify and bring to attention breaches and potential intrusion incidents

  • Performs digital forensic activities, collecting artefacts, tracking & documenting evidence timeline

  • Performs Purple Team Testing activities for infrastructure and applications developed Visma Group or hosted by Visma as instructed by the manager

  • Performs vulnerability testing, risk analyses and security assessments

  • Coordinate security trainings and awareness activities

  • Deliver technical reports and formal papers on Visma Security and forensics activities

  • Develop security standards, procedures and best practices for their organisation in regards of adversary hunting and threat intelligence

  • Perform adversary hunting driven by intrusion kill chains and tactics, techniques and procedures as adversary indicators

  • Performs adversary hunting and threat intelligence

  • Identify gaps in the data sources  and detections used in cyber security  monitoring activities and recommend improvements

  • Build knowledge of cyber threat landscape - including malicious actors, commonly used TTPs, and targets of past campaigns

  • Build the processes, tools, playbooks, controls, and analytic capabilities to detect and respond to threats across a large-scale web/cloud infrastructure

  • Contribute to reports that document security breaches and the extent of the damage caused by the breaches. Reports and technical risk assessments of potential threats towards the organisation


We will offer you:

  • A creative working environment with the latest technologies and tools

  • Good opportunities for career development in a large international company

  • Opportunities to grow and learn, with access to in-house trainings, knowledge sharing forums, and online learning platforms

  • An exciting position in an international working environment (R&D community with more than 1000 employees)

  • Work in agile teams with modern collaboration tools

  • Company holiday apartments in Spain and France

  • Attractive salary and benefits package (13th salary, medical insurance, pension PIII, seniority bonus, referral bonus, other bonuses for special events, Bookster subscription, meal tickets, monthly budget for flexible benefits)


Security Team

The Security Team drives the Visma corporate governing model, oversees information security to ensure the objectives of the organisation are achieved.

In addition, it provides a powerful link between an organisation’s governing body, management and those responsible for implementing and operating an information security management system.

The Security Team is organised in multiple teams with different skill sets and it provides the opportunity to explore many areas of the Information Security field such as Incident Response, Pentesting, DevSecOps etc.

At the core of a successful Security Operations Center is a strong foundation for operational excellence driven by well-designed and executed processes, strong governance, capable individuals and a constant drive for continuous improvement to stay ahead of the cyber adversaries.

The Security Team supports business objectives and effectively improves a company’s risk posture. A truly effective Security Team is one that provides a safe environment for the business to deliver on its core objectives in line with its strategic direction and vision.

The Security Team is designed to collect, integrate, and analyse alarms and logs from Visma siloed organisations, providing much greater situational awareness. Additionally, the Security Team allows a transition to an intelligence-driven approach to security incident management, which is much more effective for handling advanced threats.

Visma Security Team provides significant value to organisation security through:

  • Real-time intelligence

  • Unified security incident management

  • Optimization of security resources

  • Improved threat analysis across utility domains

  • Unified configuration/patch standardisation 

  • More efficient forensics and root cause analysis

  • Governance of risk compliance

  • Security monitoring and security events management

  • Monitoring of security policies compliance 


Why Visma?

We have at our roots the Scandinavian work culture.

Meaning we encourage each employee to work in their own style, support open communication, thrive on building trusting relationships, encourage flexibility from any point of view and put huge emphasis on work-life balance. Every Visma Romania employee is free to work from anywhere in Romania, to work from home as much as they feel it’s necessary, and to come to the office when they feel it’s necessary. 

Visma teams have the necessary support to coordinate projects, make decisions, and manage their time as they see fit. At the same time, life in Visma includes participation in technical courses, conferences, and the opportunity to add internationally recognized certifications to your experience - theory is then put into practice and the preferred method to do so are hackathons because it gives the satisfaction of bringing something new to the project. We also openly encourage employees to be themselves at work, but also in their day-to-day life by developing hobbies and activities outside the office.

If you are curious to see if everything that we mentioned is true like our Facebook page, follow us on Instagram, subscribe to our Youtube channel!


About Visma

Visma delivers software that simplifies and digitises core business processes in the private and public sector. With presence across the entire Nordic region along with Benelux, Central and Eastern Europe, we are one of Europe’s leading software companies.

Visma is one of Europe’s leading software companies with over 14,000 employees and more than 1,000,000 customers. Visma closed out 2021 with a strong performance in Q4, with Annualized Repeatable Revenue (ARR) growing 25,6% to € 1 649m. Total revenue for Q4 grew 18,0% to € 564 million, while EBITDA increased 10,1% to € 150 million.

Get the latest financial information presented in our quarterly and annual reports and browse our archive dating back to 1997 here.


Share on:

Reference No.:



  • Banat region
  • Transilvania region
  • Moldova region

Application deadline:





Company homepage:

Office address:

Strada Ștrandului nr. 2 550068 Sibiu