Senior Consultant
Eclaro Philippines
Quezon City, PH
1d ago

Company's CERT service will consist of a designated CERT manager and a number of 1st line security incident responders, who will be responsible for receiving incident reports from several sources, performing initial analysis of incoming incidents, gathering all relevant and supporting information, and escalating incidents to CERT 2nd line or to the customer whenever necessary.

The incident handler will also work together with Company or third party MSSP to make sure that all relevant information is collected and recorded before escalating the incident further.

The incident handler has good knowledge in the field of information security and incident response as well as related disciplines, such as computer networking and operating systems.

Furthermore, he needs to be able to find and distill relevant information from multiple sources and communicate his findings both internally and externally clearly and succinctly.

On a day-to-day basis the incident handler will work together with Company security services, Company CERT and other stakeholders to identify, report and respond to security incidents in the customer's environment.

Responsibilities:

  • Receive and monitor incident information from Company managed security services and other sources;
  • Review the collected incident data and confirm or reject incidents based on the analysis;
  • Collect supporting evidence and information from different sources based on initial analysis. Sources of information may include network traffic captures, OS or application level log files, antivirus logs, firewall logs etc.;
  • Classify and prioritize incidents based on established criteria;
  • Record incidents to tracking systems and escalate to relevant stakeholders such as Customer experts or Company CERT 2nd line;
  • Track the status of escalated incidents and support in response effort whenever necessary.

    What we're looking for...

    You'll need to have:

    Bachelor's degree in Computer Science or four or more years of work experience.

    Four or more years of relevant work experience.

    Two or more years of experience in a dedicated security position.

    Clear and concise written and oral English, including the ability to produce professional-level documentation.

    Strong problem-solving and security analytics skills, including the ability to identify, correlate and analyze information from multiple sources, such as network traffic dumps, operating logs etc.

    Ability to excel in high pressure environments.

    Willingness to travel.

    Even better if you have:

    A Master's Degree.

    SANS or other Security certifications, such as GCIA, GCIH, GREM, GPEN, CEH.

    CISSP Certification.

    An understanding of the capabilities and limitations of different security technologies, such as firewalls, SIEM solutions, antivirus solutions, network / host-level intrusion detection tools etc.
