Forensics and Incident Response CSM Requirements
- Experience with advanced computer exploitation methodologies
- Ability to synthesize data from multiple sources and present concise, relevant information to a non-technical audience
- Experience with FireEye products, highly desired
- Experience with a scripting language such as Perl or Python in an incident handling environment, highly desired
- Experience in an analytical role such as network forensics analyst, threat analyst, incident responder, or security engineer/consultant
- One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE, or equivalent certifications in these areas
- Experience developing and managing incident response programs
- Expertise in analysis of TCP/IP network communication protocols
- Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
Forensics and Incident Response CSM Responsibilities
- Develop custom reports and other custom configurations / use cases for FireEye products within customer’s environment
- Help determine the extent of the compromise, the attributes of any malware, and what data may have been exfiltrated
- Develop, document, and manage the containment strategy
- Maintain current knowledge of tools and best practices in advanced persistent threats; the tools, techniques, and procedures of attackers; and forensics and incident response
- Conduct host- and network-based forensic investigations
- Develop custom reports based on data from multiple sources, including FireEye appliances, FireEye threat intelligence, network sensors, and outside intelligence feeds
- Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
- Identify opportunities to integrate FireEye appliances with other security products in customer’s network
Qualifications
- Excellent knowledge of current information security solutions and technologies, including network- and host-based products
- Experience implementing NIST information security guidelines in a diverse network environment
- Experience and knowledge of packet flow/TCP/UDP traffic, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS)
- Malware/security experience
- Programming / scripting skills, highly desired
- Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
- Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
- Exceptional written communication
- Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
- Ability to set and manage expectations with senior stakeholders and team members