Thursday, March 30, 2017

Incident Response Engineer

Position Title:              Incident Response Engineer
Client:                          Montgomery County Government
Work Location:          Rockville, Maryland
Estimated Duration:   6 months+

FYI: - Background Investigation will be conducted before on boarding, once confirmed (selected).

Job Summary

Client is expanding its current Information Security Incident Response program. Client seeks a qualified contractor with extensive experience and subject matter expertise in identifying, analyzing, scoping, containing and eradicating real-world threats. 

Requirements: 
Contractor will be a direct report to the County’s Enterprise Information Security Officer, and also receive direction from the Enterprise Information Security Office Security Architect.
Contractor will work side-by-side with County staff to facilitate knowledge transfer.

Responsibility Include:

Consultant will: -
·         participate in a 24/7 on-call operation that monitors for and responds to security events on Montgomery County's networks, including working with external entities, where necessary.
·         respond to information security incidents, including internal and external events and targeted threats.
·         develop internal tools used to respond to incidents (e.g., forensic toolkits) or recommend the purchase of specific tools to support Montgomery County’s unique environment
·         identify and execute on projects that improve our intrusion detection and incident response capabilities
·         prepare recommendations, including language where appropriate, for updates to or creation of incident response procedures.
·         prepare weekly status report that will include:
·         Work completed
·         Work planned for the next 1+ week(s)
·         Risks
·         Items for escalation

Evaluation Criteria:
1.    Qualified candidate must have Subject Matter Expertise in incident response procedures and processes, including knowledge of common indicators of compromise and of methods for detecting these incidents
2.    Qualified candidate must have Subject Matter Expertise in common incident response tools such as Splunk, Snort IDS, AlienVault SIEM, and Kali Linux
3.    Qualified candidate must have a minimum of five (5) years of experience in performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
4.    Qualified candidate must have a minimum of five (5) years of experience in performing client/customer interviews and documentation of security incidents


Kaleem Khan
Priserve Consulting Inc.
1035 Dairy Ashford Rd, Suite 220, Houston, TX