Cyber Incident Handler Tier 1.5 (Entry Level)

This entry-level Incident Handler position requires prompt technical responses to questions from an outsourced client regarding troubleshooting, diagnosing, and resolving problems with hardware, phones, and applications.

This Incident Handler requires a thorough knowledge of problem escalation and follow-up processes to ensure timely resolution of reported issues. Related documentation and online knowledge articles are used for troubleshooting; incidents are tracked in an incident ticket tracking system.

The primary role of this Incident Handler is to take live troubleshooting calls as well as email requests daily, 100% of the time. This Incident Handler must deliver outstanding customer service in a timely and efficient manner, with a demonstrated commitment to first-call resolution and overall customer satisfaction.

Responsibilities

· Incident Coordination for all open incidents in scope including escalation according to procedures

· Monitoring of all devices with Netreo OmniCenter

· Monitoring all open incidents in the Vendor ticketing systems

· Monitoring and acknowledging emails in an alerting email inbox

· Monitoring the Wi-Fi Portal for downed equipment

· Communication of all outages or compromised services in Start of Day (SOD) and End of Day (EOD) reporting

· Monthly reporting on all tickets created during the past 30 days

· Send daily open incident report to operations team

· Escalating tickets to Tier 2-3 and/or other support teams as appropriate

· Basic equipment troubleshooting with clients

· Document problems

· Maintain knowledge with accurate up-to-date information relating to current policies,

· Provide superior customer support by analyzing, diagnosing and resolving problems within service level agreements

· Must effectively manage call/email workload

Cyber Security Analyst

SUMMARY:

Participate as a Member of a Security Operations Monitoring Team.

RESPONSIBILITIES:

Monitor, review and analyze the SIEM (security information and event management system) for information, determine potential threats to the environment, and act upon threats according to specific processes and procedures.

Monitor, review and analyze a centralized Anti-Virus (AV) and host-based intrusion detection/prevention system (HIDS/HIPS) to determine potential threats to the environment, and act upon threats according to specific processes and procedures.

Conduct security event investigations as required.

Report potential and validated threats to the environment within specified time frames.

Provide hands-on assistance to assigned incident handlers and forensic specialists as required to remediate threats.

Provide third-party investigation assistance as required.

Assist in the improvement of security monitoring tools.


REQUIREMENTS:

Possess a thorough understanding of TCP/IP and networking

Possess an understanding of the events that are processed by the SIEM

Possess a detailed understanding of AV and HIDS

Report threat information using web-based interfaces and support systems

Conduct and assist with investigations of threats as required

Possess a thorough understanding of, and demonstrated experience with, chain of custody