Senior Computer Security Incident Handler

LU  ‐ Onsite

Description

This company operates America's largest 4G LTE network and most reliable 3G network. We also provide converged communications, information and entertainment services over America's most advanced fiber-optic network, and deliver integrated business solutions to customers in more than 150 countries.

This company is looking for a specialist in Computer Security Incident Handling to strengthen its Computer Security Incident Response Capability.
The handling of these incidents may be complex, as the team handles targeted attacks or has to deal with Advanced and Persistent Threats (APT). The team may have to handle multiple incidents in parallel which may involve multiple stakeholders.
The incident handler will participate in the development and delivery of most of the core CERT services in accordance with defined policies, processes and procedures.

Registration, confirmation and triage (RCT) process

On a daily basis:

* Receive and acknowledge alerts from the SOC or from other partners;
* Confirm and classify the incidents;
* Open an incident in the workflow system, identify the stakeholders and notify them;
* Assign the case to an incident handler (possibly himself) and initiate the incident handling process.

Incident handling is the core process carried out by the job holder.

The related tasks are the following:
* Collect and manage data and artefacts related to the incident;
* Analyse data in order to build a comprehensive view of the incident;
* Maintain and share incident documentation:
  o Elaborate the map of the attack/incident (e.g. with tools like MS Visio, Maltego, );
  o Build a reliable timeline of the incident;
  o Maintain a situation report using a relevant information-sharing tool (e.g. web portal, wiki);
* Define response strategy (and present it to the management for approval):
  o Containment;
  o Mitigation;
  o Eradication;
  o Recovery;
* Provide technical assistance to all stakeholders;
* Coordinate incident response;
* Produce incident and activity reports.

* Ability to participate in multi-lingual meetings (English and French) is compulsory;
* Good communication and drafting skills in English or French (at least level C1 in the CEF scale) are required;
* He/she should have a talent for presenting complex technical information clearly and attractively to the target audience;
* The candidate must have the ability to define problems, collect data, analyse, establish facts, and draw valid conclusions, with rigour and exactness, where not all the information is available.

Start date: ASAP
Duration: 6 months
From: Vine Resources
Published at: 29.04.2014
Project ID: 700515
Contract type: Freelance