Duties and Responsibilities
- Search out, identify and understand adversaries inside the defenders' networks
- Proactively hunt for threats to prevent or minimize damage
- Perform deep-dive incident analysis by correlating data from various sources; determine whether a critical system or data set has been impacted; advise on remediation; support new analytic methods for detecting threats
- Use computer forensic tools to examine and analyse electronic media in suspected computer hacking cases.
- Document findings in an easy-to-read format and provide proper documentation as needed.
- Because some computer-related terms are highly technical, reports are expected to be written in words that everyone can easily understand.
- As reports produced by Responders may be used as evidence, Responders may also be called to testify in court as a fact or expert witness.
- Work with outside departments to develop incident remediation solutions.
Should have an acceptable degree of knowledge of the following:
- SIEM training
- IDS/IPS, penetration and vulnerability testing
- Firewalls, intrusion detection and prevention, and related protocols
- Secure coding practices, ethical hacking and threat modelling
- Windows, Linux and Unix operating systems
- Virtualization technologies
- Database platforms
- Identity and access management principles
- Application security and encryption technologies
- Secure network architecture
- Subnets, DNS, encryption technologies and standards, VPNs, VLANs and other network routing methods
- Network and web-related protocols
- Advanced persistent threats (APTs), phishing and social engineering, network access controllers, anti-malware and enhanced authentication
- Graduate of any five (5) year collegiate course, preferably in the field of Information and Communication Technology.
- At least three (3) years of work-related experience performing incident response, security incident analysis and computer forensics.
- Certifications in at least four (4) of the following are an advantage:
  - Certified Ethical Hacker (CEH)
  - Cisco Certified Network Professional (CCNP Security)
  - SANS GIAC Security Essentials Certification (GSEC)
  - SANS GIAC Certified Incident Handler (GCIH)
  - SANS GIAC Certified Intrusion Analyst (GCIA)
  - Certified Information Systems Security Professional (CISSP)
- Must be amenable to working on shifting schedules and to being assigned in the Makati area.