Lead Cyber Incident Responder

Scrumtech Digital


Job Location:

Canberra - Australia

Monthly Salary: Not Disclosed
Posted on: 16 days ago
Vacancies: 1 Vacancy

Job Summary

Job details

As a Cyber Security Incident Responder in the Cyber Security Incident Response Team (CSIRT) you will contribute by responding to cyber security incidents and enhancing the security posture of the Department.

Hands-on technical cyber security incident response expertise is required for this role as you will be performing technical analysis when responding to cyber security incidents.

Additionally, excellent verbal and written communication skills are required for this role, as you will be collaborating with a range of internal and external stakeholders across all levels.

Key duties and responsibilities

Key duties and responsibilities include, but are not limited to:

  • Investigate and respond to potential and actual cyber security incidents end-to-end across the cyber security incident response lifecycle.
  • Use provided tools and technologies to perform cyber security incident response.
  • Drive cyber security incident communications, ensuring all parties are aware of incidents and their role in the process.
  • Develop and maintain records and documentation related to cyber security incidents.
  • Communicate and document technical findings and recommendations to technical and non-technical stakeholders through formal reporting, briefs, emails and verbal advice.
  • Facilitate recovery, including post-incident review, following resolution of cyber security incidents.
  • Develop, maintain and test the cyber security incident management policy and plan/procedures while ensuring compliance with regulatory requirements and best practice.
  • Identify and drive technical improvements including, but not limited to, alert tuning.
  • Maintain and optimise cyber security incident response processes.
  • Mentor and upskill other team members.
  • Other duties as directed.

Technical skills

Required: Minimum of 3 years of hands-on technical experience in a cyber security incident responder role and strong technical expertise using Microsoft security tools.

Desired: GIAC certifications such as GCIH and GCFA, and Microsoft security certifications.



Requirements

Criteria

The buyer has specified that each candidate must provide a response to each criterion. Each response is limited to 3000 characters.

Essential criteria

  • 1. Proven hands-on technical cyber security incident response expertise and responding to cyber security incidents from end-to-end.

  • 2. Strong technical expertise using Microsoft security tools related to cyber security incident response.

  • 3. Excellent verbal and written communications during and after cyber security incidents, including technical findings and recommendations to technical and non-technical stakeholders across all levels.




Required Skills:

Criteria: The buyer has specified that each candidate must provide a one page pitch to address all criteria specified. This is equal to 5000 characters.

Essential criteria: 7 IVM experience 7 EASM experience integrations
