Incident Handler

GoSecure offers a creative and challenging work environment, a competitive benefit package, and a great atmosphere to foster career growth. Come put your career on the leading-edge and bring your talents to a much sought-after high growth opportunity in technology
- GoSecure

**Summary**

The MDR Incident Handler will guide Active Response Center (ARC) team members by providing expertise, leadership, and technical knowledge on a variety of security issues. This role plays a key, tactical and operational role in the development, management, and continuous improvement of GoSecure’s ability to respond to various threats. This role also serves as an escalation point for potential security incidents and must be able to perform the necessary technical and managerial tasks to summarize incident related data. The Incident Handler has the responsibility to perform technical analysis, document findings, and recommendations, provide timelines and deliver updates and other communications to audiences ranging from internal teams and executives to our most discerning customers.

**Duties and Responsibilities**
- Conduct network monitoring and intrusion detection analysis to determine if there have been any attacks on systems.
- Analyze technical information to determine impact and action plans, triage incidents and events for direct action.
- Participate in response activities across teams or directly with stakeholders to identify and remediate potential threats.
- Coordinate activities with other security teams including threat intelligence, penetration testers, and product groups.
- Utilize cyber incident response processes and procedures and provide routine updates.
- Maintain technical documentation including standard operating procedures and incident response processes/procedures.
- Other duties as required.

**Requirements and Experience**
- 2+ years of relevant experience in incident response or similar information security operations role.
- Bilingual (French and English) is required
- Bachelor’s degree in Computer Science and/or other relevant security certifications (CISSP, CISM, CISA, CCSP, GCIH, GIAC, OSCP, OSEE, GREM).
- In-depth experience working in EDR/SIEM/SOAR technologies.
- Formal security models, such as, MITRE ATT&CK or CIS Critical Security Controls.
- Experience in security technologies (i.e. Incident case management, SIEM, SOAR, EDR, Intrusion Prevention, Digital Forensics).
- Knowledge of security controls and incident response in a multi-platform environment including on-prem and cloud.
- Experience with other various technologies implemented in a SOC environment: EDR, IDS/IPS, Anti-Virus, network and host-based firewalls, Web proxies, etc.
- Understanding of basic networking protocols, such as, IP, DNS, HTTP, FTP, SMTP, etc., and the OSI model.
- Proven ability to participate in large scale projects with high collaboration.
- Excellent written and oral communications.
- Excellent judgement, decision making skills, and the ability to work under pressure.
- Excellent presentation skills and experience of presenting to senior management and senior leaders.
- Experience with Cloud Computing and technology.
- Experience with Unix/Linux, or work relating to OS internal or file level forensics.
- Customer service experience.