Description
Incident Response: Rapid and effective handling of emerging incidents, whether detected by the team itself, alerted by LF SOC, reported through an external channel, or otherwise manifested. Potential damage should be eliminated, or at least minimized.
Forensic: Careful analysis of what has happened in connection with an incident, and securing of evidence for possible legal action.
Environmental Monitoring: The incident manager is expected to have good and fresh knowledge of IT security and incident management. This involves regular training, participation in conferences, activity in different forums, and links with other incident managers.
Process Improvement: You will work in collaboration with the team lead and the SOC to improve current processes so that the CSIRT function achieves good capability.