The Incident Handling team is responsible for investigating all cyber security incidents. This team detects, responds to, and remediates threats for the enterprise. Incident Handlers are also expected to play an active role in process development and assist with the selection of new technologies related to their work.
The ideal candidate will have 3+ years of security-related experience in incident triage/incident response.
Experience with command line interfaces and some level of exposure to administering systems and services for various operating systems.
Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation.
Understanding of security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10.
Education / Certifications
Security Certifications Preferred (including but not limited to the following certifications):
- Certified Incident Handler (GCIH)
- Certified Intrusion Analyst (GIAC)
- Certified Ethical Hacker (CEH)
- Certified Expert Penetration Tester (CEPT)
- Certified Information Systems Security Professional (CISSP)
- Networking Certifications (CCNA, etc.)
- Platform Certifications (Microsoft, Linux, Solaris, etc.)