Security Engineer – Incident Response and Digital Forensics
SpearTip - Mission Statement
Blending cutting-edge technologies, unique skillsets and proven military cyber counterintelligence strategies, SpearTip partners with our Partners to protect shareholder value, shield corporate reputations and enhance long-term profits.
Core Values
Position Description
This position will be responsible for protecting company assets including information systems, networks, devices, and data from threats, such as security breaches, computer viruses or attacks by cyber-criminals. A key focus of this position is SpearTip’s Incident Response and Digital Forensics engagements.
Characteristics Requirements
Not all of the following requirements are expected for every potential candidate. SpearTip considers both the character of a person and their experience when making hiring decisions. For a strong candidate, SpearTip is willing to offer training (internal and external) to fill necessary knowledge gaps.
Personal Attributes:
Creative brainstormer willing to build solutions collaboratively to solve complex cybersecurity problems
Self-motivated, decisive decision maker with the ability to take ownership and willingness to be accountable
Willing to stick with difficult problems to consistently produce the best solution for our partners and willing to champion new technology and different approaches
Desires to be immersed in a training culture to both develop others and improve self
Education and Experience:
Computer Science, Cybersecurity, or Information Systems Bachelor’s Degree or equivalent professional experience in a development or IT operations role
One intermediate cybersecurity certification – desired but not required (e.g. GCIH, GCFA, CHFI, CySA+, etc.)
Proficient in incident handling procedures (NIST.SP.800-61r2)
Experience with or knowledge of digital forensic tools (for example, FTK, EnCase, Magnet Axiom)
Experience with or knowledge of memory forensic tools (for example, Volatility)
Experience with or knowledge of enterprise detection and response tools (Carbon Black, CrowdStrike, SentinelOne, Cylance, etc.)
Experience with or knowledge of SIEM tools (Splunk or LogRhythm)
Proficient in Windows and Linux operating systems
Proficient in computer networking concepts
Responsibilities:
Responsible for leading or participating in onsite incident response and digital engagements
Maintain chain of custody and proper evidence handling procedures during engagements
When required by the nature of the engagement, act as a consulting or expert court witness
Data collection, analysis, and report writing - collect and document the timeline of events, collect, analyze, and validate findings, and provide “best practice” recommendations to the client; with the understanding that your recommendations have significant impact to client operations
Assist in triage and validation of alerts from enterprise detection and response tools
Maintain and cultivate working knowledge of Axiom, ShadowSpear, Paladin, SpearPortal, FTK, and additional Digital Forensics and Managed Detection and Response tools
Problem solve; independently and in a team environment
Exercising independent judgment and discretion, communicate/coordinate with clients regarding alerts, project updates, and project status throughout an engagement
Responsible for the timely completion of engagements and appropriately communicate project status and workload to company leadership through the required channels
Maintain current certifications (as applicable)
When appropriate, problem solve independently and in a team environment
Be available for short-term periodic travel to support regional, national, and international clients
Be willing to work towards new certifications with proper training at SpearTip’s expense at the discretion of company leadership
Attend and actively participate in the Operations L10 Meetings and EOS process
Responsibilities subject to change at the discretion of company leadership
Project Management - Exercising independent judgment and discretion, communicate/coordinate with clients regarding alerts, project updates, and project status throughout an engagement
Benefits:
Health Insurance Coverage – 100% coverage plan, current employee contribution is $0
Dental & Vision Coverage – current employee contribution is $0
Participation in 401(K) Plan, employer match of 100% for the initial 3% of contribution and 50% for next 2% of contributed funds, immediate vesting
SpearTip approved holidays (currently 8 approved holidays)
Personal leave days