SANS ISC: InfoSec Jobs

Incident Manager (Level II)

Company: NAIS
Location: Arlington, VA
Preferred GIAC Certifications: GCIH, GCIA
Travel: 10%
Salary: 55-67
URL: https://www.clearancejobs.com/jobs/4560595/incident-manager-level-ii?utm_source=directlyapply&utm_medium=jobfeed&utm_campaign=ats
Contact Name: MShrewsbury
Contact Email: mshrewsbury/at/sans.org
Expires: 2020-06-11

Job Description

Incident Manager (Level II)

Full Time
Salary range: $55K-$67K
TS Clearance Required

These positions will be in support of the National Cybersecurity & Communications Integration Center’s (NCCIC’s) Hunt and Incident Response Team (HIRT) under the Department of Homeland Security (DHS).

Core Competencies:

• Knowledge of incident response and handling methodologies
• Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
• Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks
• Knowledge of basic system administration and operating system hardening techniques
• Knowledge of Computer Network Defense policies, procedures, and regulations
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Level II
(4-6 years incident management experience or cyber security operations experience with a High school diploma; or a Bachelor’s degree from an accredited college or university in Incident Management, Operations Management, Cyber security, or related discipline, and with 2-4 years of incident management or cyber security operations experience)

Proficiency at level II includes all skills defined at level I in addition to the following:

• Research and compile known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
• Apply knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation state threat actors to identify and validate threats
• Apply cyber security concepts to the detection and defense of intrusions into small- and large-scale IT networks
• Conduct cursory analysis of log data