[SANOG] Access in search for a Security Incident Handler

Access Jobs jobs at accessnow.org
Fri Jun 19 21:21:50 UTC 2015

Hello SANOG members!

Just writing to let you know that we are looking for a Security Incident
Handler <https://www.accessnow.org/about/jobs#Security_Incident_Handler> to
join our Tech team and be a member of our Helpline in the South East Asia
and CIS regions.

Access has an office and a few staff members in Manila, and we are looking to
add additional capacity and expand our Helpline operations across these
regions. We are interested in speaking with qualified candidates who are
based in the Philippines as well as those who have the flexibility to work
remotely from other countries in these regions.

The Security Incident Handler will join our Digital Security Helpline and
provide rapid response information security capability to meet the needs of
NGO staff, and other civil society clients around the globe. The job
description and link are below!


Ben Whelan
Operations Officers, Accessnow.org

***** ***** *****

Security Incident Handler
<https://www.accessnow.org/about/jobs#Security_Incident_Handler> - Manila,
the Philippines, South East Asia or CIS regions

As a Security Incident Handler, you will be responsible for manning Access
Tech's 24 x 7 x 365 Digital Security Helpline, providing rapid response
information security capability to meet the needs of NGO staff, and other
civil society clients around the globe. This role is perfect for a quick
learner who is excited by Access’ mission and is eager to provide amazing
technical advice and service to human rights defenders across Southeast
Asia and around the world!

This role will report to the Deputy Helpline Manager, and Access'
Technology Director.

*Essential Duties & Responsibilities:*

   - Perform incident rapid response duties via phone, email, and other
   communication channels;
   - Perform client risk assessments and give structured advice and
   recommendations as required, verbally and in written format;
   - Document case history and maintain chain of evidence;
   - Perform investigations and forensic analysis as required;
   - Give security training to clients as required;
   - Mitigate DDoS attacks, worm and virus outbreaks, and targeted attacks
   with trojans, rootkits, and other malware;
   - Defend the computer systems and web presence of clients. Security
   harden and patch systems, including MS Windows, Mac OS X, and Linux;
   - Build and deploy blackout resilient technologies in the field;
   - Operate, manage, fix, tune, and upgrade IDS sensors, and operate a
   SIEM to analyze complex attacks and generate reports;
   - Build, manage, tune, fix, and upgrade circumvention server capacity;
   - Perform systems administration tasks as required;
   - Do software development work as required;
   - Appear in court and present forensic evidence if required;
   - Work on rotating schedules, that might include working on weekends and

*Skills, Knowledge & Abilities:*

   - Essential technical skills include Microsoft XP, Vista, 7, 8, Mac OSX,
   and Linux operating systems. Wifi, TCP/IP, SMTP, HTTP/S, TLS, PKI, VPN, VM,
   SSH, etc;
   - Following technical skills an advantage: Snort IDS, Cisco networking,
   Apache and IIS HTTPDs, Squid Proxy/Cache, Mailman, Postfix, Firewalls,
   TAILS, Web development, Perl, C, PHP, Javascript, Wireshark, MySQL;
   - Unshakable integrity and personal ethics; dedicated, reliable and
   trustworthy, with a willingness to provide feedback and ask for assistance
   in challenging situations;
   - Energetic and confident. Comfortable performing multifaceted projects
   in conjunction with routine activities. Must possess strong analytical
   capabilities, be resourceful and well organized with excellent verbal and
   written communication skills;
   - Must be able to work in a high stress emergency environment that
   requires sustained focus; have an appetite for responsibility and perform
   careful, diligent work. Must be able to work unsupervised;
   - Willing and ready to learn new things, be trained in incident handling
   and intrusion detection; and be willing to adhere to a strict procedural
   modus operandi as defined by Access;
   - Be available for travel in South East Asia and CIS regions and beyond;
   - Keep technical knowledge and skills up to date, and be willing to
   attend trainings and conferences as required by Access.