Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Incident Response Specialist Remote GCIH, GCFA InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Incident Response Specialist
Company ConnectWise
Location Remote
Preferred GIAC Certifications GCIH, GCFA
Travel 0%
Salary Not provided
URL https://recruiting.ultipro.com/CON1045CONNE/JobBoard/b6336a2a-0ea6-8191-e065-20ccca5147e1/OpportunityDetail?opportunityId=58a3f216-1a21-45b7-a028-c3349ec4df01
Contact Name ConnectWise Talent
Contact Email talent/at/Connectwise.com
Expires 2022-03-11

Job Description

Description
The Incident Response Specialist is responsible for executing proactive contact during an incident response scenario to guide and assist in the identification, escalation and remediation of threats and incidents. This individual works closely with the Incident Owner as an incident lead and primary technical resource.

Essential Duties and Responsibilities:
• Accountable and responsible for Incident Response, Partner Communication, and Resolution.
• Primary technical resource in Incident Response processes, while maintaining excellent communication skills, both oral and written, with various audiences.
• Work cross-functionally and adhere to escalation procedures with other parts of the Organization.
• Ability to situationally adapt and understand new technology/processes as per the business/partner requirement.
• Serve as an escalation point for Jr. IR analysts, while working collaboratively and independently to triage potential incidents and resolve issues.
• Strong skillset performing log analysis, from multiple sources.
• Ability to research, analyze, and document findings, including root cause analysis.
• Maintain patience and thoughtful communication to facilitate client interactions.
• Excellent organizational skills: ability to prioritize and manage multiple tasks.
• Other duties as assigned.


Knowledge, Skills, and/or Abilities:
To excel in this role, an individual should be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Relevant professional experience including working knowledge or high-level awareness of the following technologies:


• Event/Log analysis experience from various sources.
• Understanding common firewall and ACL types, configurations, and functions.
• Experience with Network Analysis tools (e.g., Nmap, Net Witness, Wireshark, etc.)
• Understanding of Windows Management technologies (e.g., Active Directory, Group Policy Objects, PowerShell, SCCM, etc.)
• Systems administration experience within popular operating systems (e.g., Windows 7+, Windows Server OS’s, Linux, OSX, etc.)
• Experience and understanding of the Incident Response Life cycle.
• Experience and understanding of various AV/EDR/SIEM solutions.
• Understanding of Networking Administration, including routing, switching, VLANs, OSI model & associated protocols; to perform isolation and other actions pertaining to security events and network administration.
• Staying up to date with emerging security threat landscape, including applicable regulatory security requirements such as PCI-DSS, HIPAA, SOX II, GDPR.
• ITIL Foundations preferred

Educational/Vocational/Previous Experience Recommendations:
• Certifications: SANS GCIH, GCFA, ECIH, CHFI, ISC2, ISACA, or other DFIR related certification preferred.
• Bachelor's degree in Computer Science, Information Security, or related field preferred, but not required.
• 1 to 2 years of experience in a Cyber Security environment preferred
• 2 to 3 years of experience in an IT support environment preferred

Benefits:
• 401(k) w/ matching
• Health insurance
• Unlimited PTO
• Salary
• Fully Remote

Schedule:
• 8 hour shift
• Due to the nature of this role, rarely some nights & weekends may be required

Work Remotely:

For more information, please go to www.connectwise.com/careers.

The statements above are intended to describe the general nature and level of work being performed by people assigned to this job. Other duties may be assigned as needed. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

ConnectWise is an Equal Opportunity Employer.