Incident_Responder.md

File metadata and controls

78 lines (45 loc) · 2.79 KB

Summary

Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators, and coordinates with other government agencies to record and report incidents. Participates in collaborative sessions with other CNDSPs (Computer Network Defense Service Providers) and IC (Intelligence Community) agencies on malicious intrusions, attacks or suspicious activities, and shares emerging Cyber Threat Intel data. Assists in the development of Indicators of Compromise for active defensive countermeasures and passive detection signatures. Position may require evening, weekend or shift work (depending on operational tempo).

Baseline

Hard Skills

  • Hands-on experience in data analysis (preferably network traffic or log analysis) in relevant data analysis and data science platforms (Jupyter, Splunk, pandas, SQL)
  • Familiarity with cloud infrastructure, web applications and servers, and Android and iOS mobile platforms
  • Experience with malware analysis and reverse engineering
  • Familiarity with enterprise SIEM platforms (e.g. Splunk, QRadar, ArcSight)
  • Fluency with one or more scripting languages (e.g. Python)
  • Performs forensic analysis of digital information and gathers and handles evidence.
  • Identifies network computer intrusion evidence and perpetrators, and coordinates with other government agencies to record and report incidents.
  • Participates in collaborative sessions with other CNDSPs and IC agencies on malicious intrusions, attacks or suspicious activities, and shares emerging Cyber Threat Intel data.
  • Assists in the development of Indicators of Compromise for active defensive countermeasures and passive detection signatures.
  • Researches and produces analysis on nation-state cyber threat actors.
  • Utilizes internal and open-source research for awareness of nation-state targeting, trends, etc.
  • Develops strategic cyber threat intelligence products in support of network defense operations.
  • Position may require evening, weekend or shift work (depending on operational tempo).
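
The log-analysis and Indicators-of-Compromise bullets above describe the work but not what it looks like in practice. The following is an added example, not code from the original profile: a small Python pipeline that parses a proxy log, matches each request against an atomic IOC feed, applies a behavioural signature (near-constant-interval polling, i.e. beaconing) that needs no prior IOC, and turns the hosts it surfaces into candidate IOCs for the feed. The log format, the sample lines, the IOC feed and the thresholds are all constructed for the example.

```python
"""IOC matching and beacon detection over a constructed proxy log.

Added illustration for the log-analysis and Indicators-of-Compromise
bullets of this role profile; not code from the original page. The log
format, the IOC feed and the thresholds are assumptions for the example.
"""
import ipaddress
import re
from collections import defaultdict

# Constructed sample log. Assumed format: epoch_ts client_ip method url status bytes
SAMPLE_LOG = """\
1700000000 10.0.0.5 GET http://update.example.com/patch.exe 200 4096
1700000060 10.0.0.5 GET http://cdn-status.invalid/ping 200 120
1700000120 10.0.0.5 GET http://cdn-status.invalid/ping 200 118
1700000180 10.0.0.5 GET http://cdn-status.invalid/ping 200 121
1700000240 10.0.0.5 GET http://cdn-status.invalid/ping 200 119
1700000300 10.0.0.5 GET http://cdn-status.invalid/ping 200 122
1700000010 10.0.0.9 GET http://news.example.org/ 200 15000
1700000020 10.0.0.9 POST http://203.0.113.7/upload 200 65000
this line is deliberately malformed and must be skipped
1700000400 10.0.0.9 GET http://news.example.org/sports 200 9000
"""

# Constructed IOC feed: only one attacker IP is known when analysis starts.
IOCS = {"ip": {"203.0.113.7"}, "domain": set()}

LINE_RE = re.compile(
    r"^(?P<ts>\d+) (?P<client>\S+) (?P<method>[A-Z]+) "
    r"(?P<url>\S+) (?P<status>\d{3}) (?P<bytes>\d+)$"
)
HOST_RE = re.compile(r"^[a-z]+://([^/:]+)")


def parse_log(text):
    """Parse log lines into dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # a real pipeline would count/log these rather than crash
        ev = m.groupdict()
        ev["ts"] = int(ev["ts"])
        ev["bytes"] = int(ev["bytes"])
        host = HOST_RE.match(ev["url"])
        ev["host"] = host.group(1).lower() if host else ""
        events.append(ev)
    return events


def host_kind(host):
    """Classify a host string as 'ip' or 'domain' so it is looked up in the right IOC set."""
    try:
        ipaddress.ip_address(host)
        return "ip"
    except ValueError:
        return "domain"


def match_iocs(events, iocs):
    """Atomic IOC matching: one (client, host, kind) tuple per hit."""
    return [
        (ev["client"], ev["host"], host_kind(ev["host"]))
        for ev in events
        if ev["host"] in iocs.get(host_kind(ev["host"]), set())
    ]


def find_beacons(events, min_requests=5, max_jitter=0.2):
    """Behavioural signature: one client polling one host at a near-constant interval.

    Returns (client, host, interval_seconds) for each series of at least
    min_requests requests whose gaps all lie within max_jitter of the mean gap.
    """
    series = defaultdict(list)
    for ev in events:
        series[(ev["client"], ev["host"])].append(ev["ts"])
    beacons = []
    for (client, host), times in series.items():
        if len(times) < max(min_requests, 3):
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = sum(gaps) / len(gaps)
        if mean > 0 and max(abs(g - mean) for g in gaps) <= max_jitter * mean:
            beacons.append((client, host, round(mean)))
    return beacons


def candidate_iocs(beacons, iocs):
    """Hosts surfaced by the behavioural signature that the feed does not list yet."""
    return {h for _, h, _ in beacons if h not in iocs.get(host_kind(h), set())}


def analyse(text=SAMPLE_LOG, iocs=IOCS):
    """Run the whole pipeline and return the findings for reporting or assertion."""
    events = parse_log(text)
    beacons = find_beacons(events)
    return {
        "events": len(events),
        "ioc_hits": match_iocs(events, iocs),
        "beacons": beacons,
        "new_iocs": candidate_iocs(beacons, iocs),
    }


if __name__ == "__main__":
    for key, value in analyse().items():
        print(f"{key}: {value}")
```

On the constructed input the feed only catches the upload to 203.0.113.7; the 60-second polling of cdn-status.invalid is found by the beacon signature alone and comes out as a new domain IOC. In a real SOC the interval tolerance and minimum request count are tuned per environment, since legitimate software (update checks, telemetry) also beacons.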

Soft Skills

  • Continuous learning on the job
  • You want to build things, not just break them

Education

  • Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent experience

Certification

  • FOR508 (SANS Advanced Incident Response, Threat Hunting, and Digital Forensics; GCFA)
  • SEC504 (SANS Hacker Tools, Techniques, and Incident Handling; GCIH)
  • eCIR (eLearnSecurity Certified Incident Responder)

Job Salary

Asia

$69K <= $89K <= $111K

Africa

$49K <= $64K <= $79K

North America

$61K <= $86K <= $102K

South America

$72K <= $96K <= $132K

Europe

£55,624 <= £68,999 <= £120,499

Oceania

AU$78K <= AU$108,990 <= AU$191K

Interview Questions

Training Resources