Thursday, August 11, 2016

Incident Handler

Information Security Operations Center - Incident Handler III 
World Bank 
Location :- Washington DC 

Essential Job Functions:
• Monitor Security Events from IDS, SIEM, etc.
• Log tickets to the Ticketing System
• Handle calls from the MSSP (Managed Security Service Provider) and WBG users regarding incidents/events; perform triage, resolve problems, or escalate to team members
• Perform triage on alerts from all sources including Monitored Email Distribution Lists
• Participate in rotating weekly shift supporting off hours and weekend activity (24x7)
• Produce ad hoc reports and other ad hoc tasks

Educational Qualifications and Experience:
• Education: Bachelor’s degree in Computer Science or Information Systems
• Role Specific Experience: 2+ years of relevant experience in Information Security Incident Handling
• Experience with Firewalls and information security technologies
• Experience with CERT/CSIRT/CIRT/SOC

Certification Requirements:
• CEH, Security +, CCNA

Required Skills/Abilities:
• Monitoring skills related to IDS and SIEM
• Understanding of TCP/IP, Ethernet, OSI model, layer 2 and layer 3 concepts
• Understanding of Windows Registry, File system, etc.
• Hands-on knowledge of Network Packet Analysis using tools
• Ability to work with team members with varying levels of technical skills and diverse international backgrounds
• Strong understanding of Networking and Operating systems concepts
• Ability to adapt to and function in a project environment with multiple timetables and changing priorities
• Ability to learn new concepts and approaches in Analyzing Security Incidents
• Good communication skills (Verbal and Written)

Desired Skills/Abilities (not required but a plus):
Pluses for Levels (Level II, III):
• Level II
  o Essential Job Functions:
    § Carry out detailed Incident Response activities, including containment, remediation, and root cause analysis
  o Educational Qualifications and Experience:
    § Bachelor’s degree and 5+ years of information security experience
    § Experience in malware remediation and containment
    § Hands-on experience of Incident Response / Malware analysis
  o Desired Skills/Abilities:
    § Malware Analysis
    § Cyber Forensics (Memory, Disk)
    § Scripting Languages, e.g. Python
  o Preferred Certifications:
• Level III
  o Essential Job Functions:
    § Perform advanced Malware Analysis, along with Incident Response
    § Generate detailed Malware Analysis reports on PE and other common file structure samples
    § Provide actionable intelligence and suggestions for control updates based on the reverse engineering and malware analysis
    § Assist OIS in identifying zero-day/vulnerable applications and impact
  o Educational Qualifications and Experience:
    § Master’s degree and 7+ years of work experience
    § Experience with Malware Analysis of PE and other common file structures
  o Desired Skills/Abilities:
    § Expert understanding of Windows API calls
    § Expert knowledge of Debuggers and disassemblers
    § Scripting language knowledge
  o Preferred Certifications:
    § CEH, GIAC Certifications, Security +, CCNA (Security), CISSP [At least two required]

Experience Matrix for Levels:
• Level I - 2+ years of experience
• Level II - 5+ years of experience
• Level III - 7+ years of experience
