[SANOG] Access in search for a Security Incident Handler
Access Jobs
jobs at accessnow.org
Fri Jun 19 21:21:50 UTC 2015
Hello SANOG members!
Just writing to let you know that we are looking for a Security Incident
Handler <https://www.accessnow.org/about/jobs#Security_Incident_Handler> to
join our Tech team and be a member of our Helpline in the South East Asia
and CIS regions.
Access has an office and a few staff members in Manila, and is looking to
add additional capacity and expand our Helpline operations across these
regions. We are interested in speaking with qualified candidates who are
based in the Philippines as well as those who have the flexibility to work
remotely from other countries in these regions.
The Security Incident Handler will join our Digital Security Helpline and
provide rapid response information security capability to meet the needs of
NGO staff, and other civil society clients around the globe. The job
description and link are below!
Best,
Ben Whelan
Operations Officers, Accessnow.org
***** ***** *****
Security Incident Handler
<https://www.accessnow.org/about/jobs#Security_Incident_Handler> - Manila,
the Philippines, South East Asia or CIS regions
As a Security Incident Handler, you will be responsible for manning Access
Tech's 24 x 7 x 365 Digital Security Helpline, providing rapid response
information security capability to meet the needs of NGO staff, and other
civil society clients around the globe. This role is perfect for a quick
learner who is excited by Access’ mission and is eager to provide amazing
technical advice and service to human rights defenders across Southeast
Asia and around the world!
This role will report to the Deputy Helpline Manager, and Access'
Technology Director.
*Essential Duties & Responsibilities:*
- Perform incident rapid response duties via phone, email, and other
communication channels;
- Perform client risk assessments and give structured advice and
recommendations as required, verbally and in written format;
- Document case history and maintain chain of evidence;
- Perform investigations and forensic analysis as required;
- Give security training to clients as required;
- Mitigate DDoS attacks, worm and virus outbreaks, and targeted attacks
with trojans, rootkits, and other malware;
- Defend the computer systems and web presence of clients. Security
harden and patch systems, including MS Windows, Mac OS X, and Linux;
- Build and deploy blackout resilient technologies in the field;
- Operate, manage, fix, tune, and upgrade IDS sensors, and operate a
SIEM to analyze complex attacks and generate reports;
- Build, manage, tune, fix, and upgrade circumvention server capacity;
- Perform systems administration tasks as required;
- Do software development work as required;
- Appear in court and present forensic evidence if required;
- Work on rotating schedules that might include working on weekends and
holidays.
*Skills, Knowledge & Abilities:*
- Essential technical skills include Microsoft XP, Vista, 7, 8, Mac OS X,
and Linux operating systems. Wi-Fi, TCP/IP, SMTP, HTTP/S, TLS, PKI, VPN, VM,
SSH, etc;
- The following technical skills are an advantage: Snort IDS, Cisco networking,
Apache and IIS HTTPDs, Squid Proxy/Cache, Mailman, Postfix, Firewalls,
TAILS, Web development, Perl, C, PHP, JavaScript, Wireshark, MySQL;
- Unshakable integrity and personal ethics; dedicated, reliable and
trustworthy, with a willingness to provide feedback and ask for assistance
in challenging situations;
- Energetic and confident. Comfortable performing multifaceted projects
in conjunction with routine activities. Must possess strong analytical
capabilities, be resourceful and well organized with excellent verbal and
written communication skills;
- Must be able to work in a high stress emergency environment that
requires sustained focus; have an appetite for responsibility and perform
careful, diligent work. Must be able to work unsupervised;
- Willing and ready to learn new things, be trained in incident handling
and intrusion detection; and be willing to adhere to a strict procedural
modus operandi as defined by Access;
- Be available for travel in South East Asia and CIS regions and beyond;
- Keep technical knowledge and skills up to date, and be willing to
attend trainings and conferences as required by Access.