818 Consulting

Описание работы

Are you looking for a job that will contribute to empower Armenians to systematically improve their lives and wellbeing, provide opportunities for private enterprises to enhance competitiveness, ensure greater efficiency and good governance in public institutions, and enable the development and widespread use of personalized IT solutions built around the needs of everyday citizens? Then we have an exceptional opportunity for you!

Computer Emergency Response Team (CERT) or Computer Security Incident Response Team (CSIRT) is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.

As IR Analyst you will work with other CSIRT experts, each one predominantly focused on the specific security domain for which they are most competent, but all closely cooperating as a team, coordinated by the CSIRT Team Manager.

We encourage you to apply even if you do not satisfy all the skills and knowledge requirements.

/ru/csirt-analyst-incident-response-for-2

Обязанности

• Going through the whole incident response process starting with preparation and ending with lessons learned and writing a report.
• Obtaining evidences in collaboration with users and sysadmins.
• Maintain, operate, and enhance IR infrastructure.
• Develop security plans, policies, procedures and incident response training materials.
• Detail guidelines for users on what security issues should be reported and outline a process for making a report.
• Create incident response playbooks for common incident types.
• Reevaluate the effectiveness of procedures every time an incident occurs.

Требования

• Bachelor’s degree in Information Technology, Computer Science, Management Information Systems or closely related field is required.
• Knowledge of Windows, Linux, and macOS operating systems.
• Knowledge of Digital Forensic Industry standards, chain of custody procedures, forensic methodologies, best practices and evidence handling.
• Experience of working with incident handling/management tools.
• Understanding of MITRE ATT&CK framework.
• Web security including understanding of the underlying protocols.
• Understanding how debuggers, disassemblers and decompilers work.
• Scripting / automation experience using Python, Go, PowerShell, Bash etc.
• Using malware detonation sandboxes.
• Basics of cyber-threat intelligence sharing platforms.
• Ability to write technical reports
• Basics of Threat Intelligence lifecycle.
• Strong analytical and problem solving skills, including the ability to deal with a large amount of information in a limited time
• Ability to establish and maintain effective working relations with coworkers in an international and multi-disciplinary work environment
• A high degree of commitment and flexibility
• Good communication skills in English and in Armenian, both orally and in writing
• A focus on constant learning and improvement of technical and personal skills
• Experience with a vast array of IT technologies and the ability to quickly master new ones.

Требуемый уровень кандидата: Средний уровень

Дополнительная информация