SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Incident Manager (Level II)
Company: NAIS
Location: Arlington, VA
Preferred GIAC Certifications: GCIH, GCIA
Travel: 10%
Salary: 55-67
URL: https://www.clearancejobs.com/jobs/4560595/incident-manager-level-ii?utm_source=directlyapply&utm_medium=jobfeed&utm_campaign=ats
Contact Name: MShrewsbury
Contact Email: mshrewsbury/at/sans.org
Expires: 2020-06-11

Job Description

Incident Manager (Level II)

Full Time
Salary range: $55K-$67K
TS Clearance Required

These positions will be in support of the National Cybersecurity & Communications Integration Center’s (NCCIC’s) Hunt and Incident Response Team (HIRT) under the Department of Homeland Security (DHS).

Core Competencies:

• Knowledge of incident response and handling methodologies
• Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
• Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks
• Knowledge of basic system administration and operating system hardening techniques
• Knowledge of Computer Network Defense policies, procedures, and regulations
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

Level II
(4-6 years of incident management or cyber security operations experience with a high school diploma; or a Bachelor’s degree from an accredited college or university in Incident Management, Operations Management, Cyber Security, or a related discipline, with 2-4 years of incident management or cyber security operations experience)

Proficiency at level II includes all skills defined at level I in addition to the following:

• Research and compile known resolution steps or workarounds to enable mitigation of potential Computer Network Defense incidents within the enterprise
• Apply knowledge of the tactics, techniques, and procedures of various criminal, insider, hacktivist, and nation-state threat actors to identify and validate threats
• Apply cyber security concepts to the detection and defense of intrusions into small- and large-scale IT networks
• Conduct cursory analysis of log data