Incident Handler, Cyber Security (CSIRT)

Employer
Target
Location
Brooklyn Park, Minnesota, United States
Posted
Nov 18, 2018
Closes
Dec 13, 2018
Category
Business, Other
Employment Status
Full Time
Description: JOIN US AS AN INCIDENT HANDLER, CSIRT, CYBER SECURITY

Similar Industry Titles and Key Words: cyber security, intrusion, event analyst, fusion center, incidents

SUMMARY:
Incident Handler positions support higher-level cyber security operations by monitoring alerts during critical and high-volume events within a 24/7 Cyber Security Fusion Center and by responding to security incidents according to established policies and best practices. Incident Handlers provide guidance to tier-one and other first responders on the proper handling of Information Security incidents, coordinate the efforts of multiple business units during response, provide those units with timely updates, and make recommendations to them as required.

KEY RESPONSIBILITIES:
• Perform intrusion scope and root cause analyses.
• Assist with intrusion remediation and with the development and implementation of response strategy.
• Recommend effective process changes to enhance defense and response procedures.
• Handle high and critical severity incidents as described in the operations playbook.
• Perform additional analysis of escalations from the Incident Triage Analyst and review Level 2 tickets.
• Coordinate with Threat Operations and Threat Intelligence Specialists to resolve high or critical severity incidents.
• Provide on-boarding training and coaching for lower-level CFC Analysts.
• Lead Cyber Hunt activities and provide direction to the Hunt team analysts assigned to the exercise.

MINIMUM QUALIFICATIONS:
• 5+ years of information security experience
• BA/BS in Engineering, Computer Science, Information Security, or Information Systems. An MA/MS in one of the above is highly desired.
• Experience using event escalation and reporting procedures
• Experience supporting Network Investigations.
• Understanding of TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Understanding of UNIX, Windows, and macOS operating systems and their command-line tools
• Knowledge of how the Windows file system and registry function
• Ability to learn and operate in a dynamic environment
• Demonstrated analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and the ability to learn and adapt quickly
• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
• Strong oral and written communication skills

DESIRED QUALIFICATIONS:
• Experience working in a 24/7 SOC environment
• Experience with host-based and network-based security tools and products
• Experience managing cases with enterprise SIEM and logging systems
• Experience with scripting or development
• Experience conducting forensic media analysis and log file analysis
• One or more certifications such as Security+, GREM, GCIA, GCIH, CISSP, or similar
