Computer Incidents Response Expert
Tue, Jul 02 2019 10:00 AM
Publish Date
Closing Date
Location
Kabul
|
Date Posted: |
Jul 2, 2019 |
Reference: |
MCIT - Cyber- 7-2-19 |
|
Closing Date: |
Jul 9, 2019 |
Work Type: |
Full-Time |
|
Number of Vacancies: |
1 |
Gender: |
Any |
|
Functional Area: |
IT |
Nationality: |
Afghan |
|
Salary Range: |
As per NTA salary scale policy |
Years of Experience: |
3 - 5 Years |
|
Contract Duration: |
Open Ended |
Extension Possibility: |
No |
|
Contract Type: |
Contractor |
Probation Period: |
3 months |
|
Required Languages: |
96, 90, 66 |
About Ministry of communication and IT:
Ministry of Communication and Information Technology
Job Summary:
Perform IT Security Incident Response life cycle (preparation; detection and analysis, containment, eradication and recovery; post-incident activity);
Skills Required:
Information SecurityCommunication
Provinces to travel:
Skills Description:
Hands-on experience with security tools and devices, operating systems, and/or networking devices desired
Knowledge of IT Security Standards, Control Frameworks and Risk Management techniques
Proven skills and experience in log analysis, incident investigations – including guidance for remediation.
Excellent oral and written communication skills
Excellent interpersonal and organizational skills
Effective leadership skills and experience
Duties & Responsibilities:
Perform IT Security Incident Response life cycle (preparation; detection and analysis, containment, eradication and recovery; post-incident activity);
Assesses IT risks and analyze potential mitigation strategies to reduce IT Security exposure (Use Cases, Scenarios)
Detailed analyses of various security event sources (FW, IDS, PROXY, AD etc.) Acts as the interface with other IT and business departments regarding IT security incidents
Security incidents are effectively identified, documented, and investigated.
Collaborates with and provides consulting services to clients if required
Provides advisory assessments in relation to cybersecurity breach prevention.
Conducts gap assessments and provides actionable recommendations to remediate shortcomings.
Demonstrated expert understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.
Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.
Experience with malware analysis concepts and methods.
Familiarity or experience in Cyber Kill Chain methodology.
Knowledge of Virtualization and Cloud security.
Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems.
Must be a flexible team player, hard-working, and possess excellent communication and customer-facing skills.
Must be self-directed, able to manage solo projects or participate as part of a larger team.
Strong report writing skills and ability to explain complex security issues to customers in a formal presentation format.
Must be able to interact confidently with all levels of technical and management client teams.
Working knowledge of NIST SP 800-53A, ICD 503, FISMA, DCID 6/3, relationships between IC and DoD policies for assessment and authorization
Skill in using network analysis tools to identify vulnerabilities
Expert with Firewall Configuration and administration
Expert with Intrusion Detection Systems (IDS) configuration and administration
Skill in assessing the robustness of security systems and design
Skill in developing and apply security system access controls
Skill in assessments of industry IT operating system, software database, or hardware
Ability to prepare the various types of security related documents
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
Ability to evaluate the trustworthiness of the supplier and/or product
Ability to evaluate the adequacy of security designs
Ability to establish effective working relationships internally and externally to the client organization
Developed technical documentation and white papers
Knowledge of emerging security issues, risks, and vulnerabilities
Maintains and continuous improvement of processes, standards, policies, working methods, and tools using ITIL best practices
Job Location:
Afghanistan, Kabul
Qualifications:
Bachelor Degree Computer Science
Experience working in a multinational organization desired
Experience with technical IT security incident response, host and network forensics, malware analysis
Certifications such as CISSP, GIAC certifications, Certified Ethical Hacker (CEH) preferred
At least 2 years working in IT Security
Job Keywords:
IT
Submission Guideline:
Interested of afghan nationals should submit their updated application comprises your CV and a non-page cover letter explaining your interest and suitability for the advertised position.
Email:
Human resource directorate
Ministry of communication and information technology.
PLEASE MENTION THE VACANCY NUMBER & NAME OF POSITION YOU ARE APPLYING IN YOUR E-MAIL SUBJECT LINE otherwise the application will not be considered
APPLICATIONS RECEIVED AFTER THE DEADLINE WILL NOT BE CONSIDERED.
ONLY SHORT LISTED CANDIDATES WILL BE CONTACTED FOR INTERVIEW.
Females are highly encouraged to apply.
Submission Email: