Description
Security Incident Response Manager | Stockholm | 4 months
The position represents the role of incident manager in LF CSIRT, a response team consisting of a full-time team lead and another 6-8 people working part time.
You are expected to be the team's technical specialist and work closely with the CSIRT team lead. You will also have regular collaboration with LF SOC. Most of the work is done during office hours, but you are sometimes expected to be included in emergency preparedness.
The duties are described below.
. Incident Response: Rapid and effective handling of emerging incidents, whether detected by the team itself, alerted by LF SOC, reported through an external channel, or otherwise manifested. Potential damage should be eliminated, or at least minimized.
. Forensic: Careful analysis of what has happened in connection with an incident, and securing proof for possible legal action.
. Environmental Monitoring: The incident manager is expected to have good and fresh knowledge of IT security and incident management. This involves regular training, participation in conferences, activity in different forums, and links with other incident managers.
. Process Improvement: You will work in collaboration with the team lead and SOC to improve current processes so that the CSIRT function achieves a good capability.
Qualifications
Mandatory Competency Requirements
. Good experience of incident management
. SIEM tool
. Other security tools (FW, AV, IDS, EDR, etc.)
. Computer forensics
. Penetration Tests
. Good English skills
Qualifying skills requirements
. Long experience from CERT/CSIRT or SOC
. CISSP, or equivalent
. SANS Incident Handling Training, or equivalent
. Relevant academic education
. Experience of Red Team/Blue Team exercises
Please apply directly
Daniel Ronaghyon