Job description
Summary:
An Incident Response specialist’s job requires actively monitoring systems and networks for intrusions. They must identify security flaws and vulnerabilities, and perform security audits, risk analyses, network forensics, and penetration tests. They are also expected to perform malware analysis and reverse engineering. The specialist is expected to actively respond to cybersecurity incidents.
Scope of work:
Correlates incident data to identify
Analyzes log files from multiple sources to identify possible threats to network
Triages incidents to identify specific vulnerability, determine scope, urgency and potential impact, makes recommendations that enable expeditious remediation.
Analyzes and reports cyber defense
Performs initial collection of images to relevant forensic standards; inspects to evaluate possible mitigation and remediation
Performs incident response tasks to support deployable incident response teams including forensic collection, intrusion correlation, tracking, threat analysis and system
Tracks and documents cyber incidents from initial detection to final
Writes and publishes cyber defense techniques, guidance and post incident reports to appropriate
Employs defense-in-depth principles and practices in line with organizational
Collects intrusion artifacts and uses discovered data to mitigate potential cybersecurity incidents within the
Writes and publishes reviews to learn and promulgate lessons from cybersecurity
Monitors external data sources to keep understanding of current cybersecurity threats up to date and determines which security issues may have an impact on the
Provides expert technical support to resolve cyber defense
Works as a technical expert in support of law enforcement, explaining incident details and forensic analysis as
“Perform other applicable tasks and duties assigned within the realm of the employee’s knowledge, skills and abilities in the field of his/her position” (this is included to discourage possible arguments when an employee may consider an issue to “not be in his/her responsibility”).
Skills:
Needs to be able to:
Identify, capture, contain, and report malware
Apply core cybersecurity principles
Develop and deploy signatures
Use intrusion detection technologies to detect host and network-based intrusions
Determine the normal operational state for security systems and how that state is affected by change
Develop, test, and implement network infrastructure contingency and recovery plans
Evaluate the adequacy of security designs
Preserve evidence integrity according to standard operating procedures or national standards
Tune sensors
Use protocol analyzers
Use scientific rules and methods to solve problems
Use virtual machines
Conduct forensic analyses in multiple operating system environments
Secure network communications
Effectively recognize and categorize types of vulnerabilities and associated attacks
Protect a network against malware
Knowledge:
Needs to have thorough knowledge of the following:
Network components, their operation and appropriate network security controls and methods
Understanding of risk assessment, mitigation and management methods
Relevant cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy
Principles of cybersecurity and privacy
Cybersecurity related threats and vulnerabilities
The likely operational impact on an organization of cybersecurity breaches
Appropriate data backup and recovery methods and solutions, including testing
Cybersecurity aspects of business continuity and disaster recovery planning, including testing
Host and network access control mechanisms
How network services and protocols interact to provide network communications
Incident categories, incident responses and timelines for responses
Best practices for incident response and incident management
Host-based and network-based intrusion detection methodologies and techniques
Best practice network traffic analysis methods
Packet-level analysis
System and application security threats and vulnerabilities
Qualifications:
Minimum of a Bachelor’s degree in Cybersecurity, Computer Science, or a related field
Two or more of the following certifications are required:
Security+
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Certified Ethical Hacker (CEH)
GIAC Security Essentials Certification (GSEC)
Cisco Certified Internetwork Expert Security (CCIE Security)
Palo Alto Networks Certified Network Security Engineer (PCNSE)
Microsoft Certified: Azure Security Engineer Associate (MCASEA)
Experience:
A minimum of 4-6 years of experience in Information Technology with a minimum of 2-3 years of experience in Information/Cybersecurity incident response.
Additional Requirement:
“Preferred” refers to experience, certifications or qualifications that would be beneficial but are not mandatory and would not exclude the candidate from being considered suitable for the position.
Job details
Job location: Jeddah, Saudi Arabia
Company industry: Other Business Support Services
Company type: Employer (Private Sector)
Job role: Information Technology
Employment type: --
Monthly salary: Unspecified
Number of vacancies: 1
Preferred candidate
Career level: Mid career
Years of experience: Minimum: 4
Degree: Bachelor’s degree / higher diploma
https://www.bayt.com/ar/saudi-arabia/jobs/cyber-incident-responder-4425936/