Incident Handler
Full-time
DESCRIPTION OF RESPONSIBILITIES:
- Conduct incident analysis and recommend mitigation measures in response to general or specific advanced persistent threat (APT) attempted exploits/attacks, malware delivery, etc., on Army networks.
- Monitor all sensors and agents managed by the organization for security event analysis and response; and maintain and update the triage database with current threat data and response methods in real-time with follow-up recurring within 72 hours of last response.
- Respond to a detected event and perform triage, ensure proper handling of the associated trouble ticket (TT), and process events in accordance with appropriate TTPs. Maintain an up-to-date point of contact (POC) list for LE/CI agencies as routinely provided by the major cybercrimes unit (MCU) and cyber counterintelligence agencies.
- Provide all initial cyber incident investigation reports to LE/CI. Develop, staff, coordinate and execute cyber-incident response investigations for the operational environment (unclassified and classified).
- Utilize advanced detection capabilities for Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), and Digital Forensic solutions.
Updated 1 month ago