Jobs for refugees from Ukraine
Computer Security Incident First Responder
Ad title: Computer Security Incident First Responder
Provided By: LEPL Operative-Technical Agency of Georgia
Published: 08 October / Deadline: 08 November
The Operative-Technical Agency of Georgia of the State Security Service of Georgia is announcing a vacancy for the position of Computer Security Incident First Responder (hereinafter also referred to as First Responder), whose primary responsibility is to detect potential computer security incidents and provide rapid response to cybersecurity threats facing Tier I and Tier II Critical Information System Subjects.

To ensure high-quality delivery of the abovementioned services, the First Responder is required to perform the following tasks:

** Monitor for and detect anomalies and suspicious processes at the network level and on endpoints;
** Thoroughly plan and execute incident containment and eradication;
** Lead the post-incident enquiry and root cause investigation process;
** Collect digital evidence during the incident response phase in a forensically sound manner;
** Apply cybersecurity triage when detecting and responding to multiple threats or identified computer security incidents;
** Draft recommendations and detailed instructions for eradicating and/or mitigating detected and exploited security non-compliance;
** Communicate with business owners and technical stakeholders to improve the efficiency of the computer security incident first response process;
** Articulate findings as clear and actionable corrective measures, both verbally and in writing.

The suitable candidate for the position must possess the following proven knowledge, experience and skills:

** Ability to monitor for and detect anomalies using Security Onion, Wazuh and other commercial and open-source Security Information and Event Management (SIEM) platforms;
** Familiarity with Velociraptor, the Wazuh agent and other commercial and open-source Endpoint Detection and Response (EDR) tools;
** Thorough understanding of Windows and/or Linux and/or macOS security baselines, and of identifying and seizing the relevant digital artifacts;
** Thorough understanding of how web applications, platforms and services work, and the ability to analyse the underlying protocols;
** Basic understanding of vulnerability assessment and penetration testing processes;
** Experience with packet capture and analysis tools such as Wireshark or tcpdump;
** Thorough knowledge of configuring and using sandbox environments;
** In-depth cyber threat intelligence analysis and sharing, in particular using MISP;
** Scripting ability (e.g. Python, Bash and PowerShell);
** Knowledge of the English language (at least B2 level);
** The ability to adapt to a wide range of IT technologies and swiftly become proficient in new ones.

Please send your CV to vacancy@ssg.gov.ge and mention the position name in the subject line.

Only shortlisted candidates will be contacted.