Examine and analyse data/logs from a variety of security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources, including forensic analysis of system resource access.
Articulate and Execute Incident Response methods such as SANS
Correlate and analyze events using SIEM tools to detect IT security incidents
Create, Follow and Present detailed processes and procedures to appropriately analyze, escalate, and assist in containment, recovery and remediation of critical information security incidents
Respond to inbound requests via phone and other electronic means for technical assistance with managed services
Work on-site as required with Clients during Live Security Incidents
Document actions in reports or cases to effectively communicate information internally and to Customers
Resolve problems independently and understand escalation procedure
Champion excellence, and support others in the delivery of excellence, through active knowledge sharing with team members, writing technical articles for Internal Knowledge Bases, Blog Posts and Reports as required or requested
Create and Present customer reports to ensure quality, accuracy and value to the Client
Educate and Train other Analysts in the execution of Incident Response processes and forensic analysis techniques
Your Qualifications
Bachelor's Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
6+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis or threat detection
Demonstrate experience handling Incident Response engagements using the SANS Incident Response method (or similar)
Strong background or equivalent experience in one of the following: Security Threat and Event Analysis, Network Security Operations or Engineering or System Administration on Unix, Linux, Windows
At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents
CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable