Incident Response Handler (Sr.)
Experis - Thousand Oaks, CA

This job posting is no longer available on Experis. Find similar jobs: Incident Response Handler jobs - Experis jobs

  • At least 10 years active experience as part of an incident response team working as
an IR Handler (either in-house or as a consultant)
  • Act as a Subject Matter Expert (SME) for incident response and forensics
Manage and perform incident response activities including:
  • Searching device and server logs.
  • Locating malware on a computer
  • Identifying the attack vector
  • Remediating infected computer(s)
  • Building a timeline showing how the incident unfolded.
  • File carving
  • Briefing customer on extent of incident and response strategy
  • Perform storage forensics (for example, hard drives, phones, USB storage)
  • Utilize Company-owned forensic tools (Encase, FTK, Helix, Wireshark, etc.) in the
course of investigations
  • Utilize other Incident response tools such as Nmap, Wireshark and Snort,
  • Perform network storage forensics (for example, capturing network traffic for
analysis)
  • Perform file-system analysis and file carving (for example, to extract email,
documents, and other trace evidence)
  • Establish timelines and patterns of activity of individuals and electronic devices
and software
  • Follow forensically sound practices, including preserving chain of custody
  • Consult with Company legal team on privacy, policy and compliance concerns
  • Develop companywide remediation plan of actions as a result of investigative
discovery within Company business and IT infrastructure
  • Adequately communicate with all key stakeholders to ensure both
confidentiality of information and expedient evidence collection

Required Knowledge, Skills and Abilities
  • Experience managing large and small scale incidents
  • Experience leading digital forensic investigations
  • Working knowledge of forensic tools such as Encase, FTK, Helix, Knoppix, Slax,
Sleuthkit, SIFT, BlackLight and/or MacForensicsLab
  • Familiarity with the following technologies: Active Directory, Virtualization
platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, Active Directory,
802.11 wireless, firewalls, routers, network protocols and architecture,
databases, VPN/RAS, IDS/IPS
  • Understanding of risk-based frameworks
  • Understanding of one or more frameworks: PCI-DSS, Sarbanes Oxley, NERC-CIP,
HIPAA, FISMA, ISO, COBIT, NIST
  • Broad information security knowledge and experience
  • Very good understanding of MS Windows architecture and design.
  • Strong understanding of networking protocols such as RIP, EIGRP, OSPF, network
tools such as Wireshark and Nmap and networking principles such as subnet
masks, CIDR and spanning-tree protocol.

  • Bachelors degree in Computer Science or related field
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Microsoft MCSE certification.
  • CISSP credential

Experis - 23 months ago - save job - block
About this company
97 reviews
Transforming challenges into opportunity. Accelerating careers. Propelling business growth. Few companies can match Experis’ scope,...