Incident Handler Resume Samples
4.5
(124 votes) for
Incident Handler Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the incident handler job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
SM
S Mayert
Susana
Mayert
27551 David Heights
Dallas
TX
+1 (555) 579 4513
27551 David Heights
Dallas
TX
Phone
p
+1 (555) 579 4513
Experience
Experience
Detroit, MI
Incident Handler
Detroit, MI
Walsh Inc
Detroit, MI
Incident Handler
- Ensure compliance, operational risk controls in accordance with HSBC or regulatory standards and policies; and optimize relations with regulators by addressing any issues
- Review, design and engineer security operational processes with current and new technologies to improve security controls and business performance
- Define metrics and methodologies to measure security performance of applied new technologies
- Support compliance monitoring and internal controls in accordance with HSBC and regulatory standards
- Research and evaluate data security enhancements to maintain or surpass industry standards
- Identify security exposures through monitoring of systems and recommend corrective action by conducting gap analyses
- Chicago based position with interaction to all lines of business
San Francisco, CA
Cyber Incident Handler
San Francisco, CA
Walker-Miller
San Francisco, CA
Cyber Incident Handler
- Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
- Familiarity supporting a 24x7 Operation
- Coordinate the flow of information between the ACOIC, the DCODs and CYBERCOM for incident response and reporting
- Security+ CE, and CEH, or GCIH Certification
- Opening tickets on incidents and subsequently tracking completion of the incident handling life cycle for multiple incidents across the regional Defensive Cyberspace Operations Divisions (DCODs)
- Knowledge of TCP/IP communications and how common protocols and applications work at the network level
- Shift- Mid/Weekend Shift: Saturday and Sunday 6pm-6am, and two week days 10pm-6am (either Mon/Tues or Thurs/Fri)
present
Boston, MA
Cfsc-nam Sirt Incident Handler
Boston, MA
Herzog, Nicolas and Thompson
present
Boston, MA
Cfsc-nam Sirt Incident Handler
present
- Review and analyze IS Incidents to identify those that pose a significant risk to the Citigroup franchise and its affiliates, and escalating those IS Incidents in accordance with Citigroup policy and procedures
- Track follow-up documentation related to an IS Incident, including Root Cause Analyses (RCAs), Lessons Learned and SIRT Remediation Plans throughout the incident lifecycle till closure
- Provide technical subject matter expertise to mitigating risk to impacted parties throughout an incident
- Review and verifying the accuracy of the reported severity level of an incident
- Review the details of all reported incidents to determine whether they constitute an IS Incident
- Perform the following Risk Oversight Functions responsibilities according to the HSBC Risk FIM
- Review and report on indicators/metrics and take action as necessary where any business appears to be operating, or to be at risk of operating, outside the established risk appetite
Education
Education
Bachelor’s Degree in Engineering
Bachelor’s Degree in Engineering
Arizona State University
Bachelor’s Degree in Engineering
Skills
Skills
- Strong written and spoken communications skills
- Palo Alto firewalls
- Inquisitive and always probing for solutions to problems and tasks
- Past experience with computer forensics--imaging and diagnostics of compromised and affected computers and networks
- Some programming language skills (C#, Python, PHP--not all 3 just at least one)
- "Threat Hunter" mentallity
- Snort (open source detection)
- ArcSite
- NetFlow
- Excel and other Microsoft Office products
12 Incident Handler resume templates
Read our complete resume writing guides
1
Incident Handler Resume Examples & Samples
- 3+ years of experience with network security
- Knowledge of TCP/IP communications and how common protocols and applications work at the network level, including DNS, HTTP, and SMB
- Knowledge of how the Windows file system and registry function
- Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
- Security+, CEH, GCIA, GCIH, or CISSP Certification
- Experience with Mandiant and FireEye security products
- Experience with conducting forensic media analysis and log file analysis
- Knowledge of UNIX operating systems and command line tools
2
Incident Handler Resume Examples & Samples
- Chicago based position with interaction to all lines of business
- Minimal travel required (<10%), Domestic & International
- Support 60,000+ users across North America
- A Bachelor’s degree or equivalent experience in business, computer science or related field with six to eight years progressive experience in information security including a minimum three years experience working with diverse security products
- Technical experience in at least one of the following: software architecture/development, database administration, distributed systems, mainframe, networks, and infrastructure
- Three to five years of demonstrated project management knowledge and problem solving skills
- Ability to work in a diverse global environment
- Experience creating and managing operational processes
- Professional certifications in Information Security desirable (CISSP / CISM). Project Management certification a plus
3
Cfsc-nam Sirt Incident Handler Resume Examples & Samples
- Review and analyze IS Incidents to identify those that pose a significant risk to the Citigroup franchise and its affiliates, and escalating those IS Incidents in accordance with Citigroup policy and procedures
- Review the details of all reported incidents to determine whether they constitute an IS Incident
- Review and verifying the accuracy of the reported severity level of an incident
- Provide technical subject matter expertise to mitigating risk to impacted parties throughout an incident
- Work with internal and external constituents to minimize risks associated with IS Incidents, including convening appropriate Subject Matter Experts to assist investigations and ensuring that all relevant facts of the IS Incident are properly communicated and reflected in the SIM Application
- Track follow-up documentation related to an IS Incident, including Root Cause Analyses (RCAs), Lessons Learned and SIRT Remediation Plans throughout the incident lifecycle till closure
- Ensuring that SIRT metrics are available to senior management at the business and corporate level
- Oversee the quality, availability, and integrity of the data in the Security Incident Management Application (SIM Application)
- 2+ years working in an Incident Response role with experience in examining suspicious/malicious network events, analyzing malicious code/exploits, and system/network forensics
- Extensive years working in IT/IT security, preferably a 24x7 operational environment, or educational equivalent
- Experience in security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience
- Understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols
- Experience with Reverse Engineering malicious code and Web/Network Penetration Testing is a plus
- Experience with Databases, SQL knowledge is a plus
- Experience writing Perl, Python, scripting, programming, or other languages is a plus
- Experience administering and troubleshooting operating systems, including Solaris, Linux, and Microsoft Windows Server is a plus
- Certified Information Systems Security Professional (CISSP) certified/qualified or ability to actively work towards obtaining certification
- Certified GIAC Certified Incident Handler (GCIH) or demonstrated skills and ability to obtain certification
- Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients and IT management and staffs
- Ability to communicate technical issues to technical and non-technical business representatives
- Ability to understand strategic objectives and vision, and work towards those goals
- Dedicated and self-driven desire to research current information security landscape
4
Cyber Incident Handler Resume Examples & Samples
- Experience with using event escalation and reporting procedures and supporting network investigations
- Knowledge of TCP/IP communications and how common protocols and applications work at the network level
- Ability to learn and operate in a dynamic environment
- Ability to pay strict attention to detail, demonstrate logic and solution orientation, and learn and adapt quickly
- Security+ CE and CEH or GCIH Certification
- Experience with working in a 24/7 SOC environment
- Experience in managing cases with enterprise SIEM and logging systems
- Possession of excellent analytical and critical thinking skills
- BA or BS degree in Engineering, CS, Information Security, or Information Systems
5
Cybersecurity Incident Handler Resume Examples & Samples
- 2+ years of experience with applied incident response support in an SOC environment
- 2+ years of experience with supporting commercial or government clients on how a 24x7 environment works
- 2+ years of experience with applied incident response support
- Experience with briefing senior officials on technical issues
- Knowledge of network operating systems, SLAs, and service expertise
- Ability to clearly and concisely document Cybersecurity incident details and escalate appropriately, as required
- Ability to work 2nd shift from 6pm-6am and on weekends
6
Cyber Incident Handler Resume Examples & Samples
- Bachelor's Degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic disciplines of science, technology, engineering, or mathematics
- Minimum 5 years’ experience working in a Cyber Operations/Response environment with Bachelor's degree
- Ideal candidates will be experienced with leading a team of experts in computer forensics and intrusion analysis
- Ideal candidates will have the ability to adapt quickly to a fast paced and dynamic environment for high impact, mission-critical network security operations
- Demonstrated Cyber Incident Response/Forensics/Vulnerability analysis background
- Candidate should have knowledge and experience in the Incident Response Cycle
- Candidate should be able to perform research to solve problems in a creative and repeatable manner
- EnCase, FTK, Tanium, Windows Server 7/Server 2008+, Network Devices, DNS, DHCP, ARP, TCP/IP, Exploitation Techniques, willingness to travel locally, and good teamwork experience required
7
Cybersecurity Incident Handler, Senior Resume Examples & Samples
- 7+ years of experience with Cybersecurity and incident response in a lead capacity
- Experience with working in a SOC environment, including expertise in how a 24x7 environment works in support of commercial or government clients
- Experience with engineering tasks, including configuring and patching proxies, firewalls, routers, and Splunk
- Knowledge of Cyber threat capabilities and technical capabilities to defend networks and systems
- Ability to regularly work a 2nd shift beginning anytime between 4:30PM to 6:30PM lasting 8 hours, Monday-Friday
- Ability to work rotating shifts depending on client needs
- Knowledge of any of the following areas preferred: network operating systems and fundamentals, SLAs, enterprise-wide planning, analysis, design and construction of information systems, software engineering techniques, analytical and computational techniques and methodologies for problem solutions, process and data modeling using both manual and automated tools, and reverse engineering
- Possession of excellent oral and written communications skills, including clearly and concisely documenting Cybersecurity incident details and escalate appropriately, when required
- Possession of excellent interpersonal and consulting skills, including working well as a member of a team and being comfortable with informing or briefing senior officials, when appropriate
- Possession of excellent initiative and critical thinking skills
- Active Public Trust clearance preferred
- GCIA or GCIH Certification
8
Cyber Incident Handler Resume Examples & Samples
- Security+ CE, and CEH, or GCIH Certification
- Knowledge of networking concepts and analysis tools and operating systems, software, and security controls
- Ability to perform independent research and report on findings
- Ability to apply originality and creativity in problem solving
- Ability to be a self-starter, quick learner, and detail oriented
- Possession of excellent oral and written communication skills to communicate effectively under normal and stressful situations
9
Cyber Incident Handler Resume Examples & Samples
- Experience with event escalation and reporting procedures and supporting network investigations
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and to learn and adapt quickly
- DoD 8570 IAT Level III Certification and CEH
10
Cyber Incident Handler Resume Examples & Samples
- Experience with using event escalation, reporting procedures, and supporting network investigations
- Ability to demonstrate analytical expertise, strict attention to detail, critical thinking, logic, and solution orientation and learn and adapt quickly
- Security+ CE, CEH, or GCIH Certification
11
Incident Handler With Top Secret Clearance Resume Examples & Samples
- Serve as a member of a security operations team monitoring all aspects of network security on a 24/7/365 basis. Contribute to team effectiveness through internal and external training and Continual Service Improvement actions
- Monitor, contextualize and provide reporting on a wide variety of network data feeds including but not limited to network logs, syslogs, firewall logs, netflow data, and IDS/IPS logs
- Leveraging extensive experience in network exploitation and defense, maintain a current knowledge of attack vectors and methodologies and apply this knowledge to identify vulnerabilities in an assigned network
- Apply a thorough understanding of SPLUNK development skills to review, revise and refine Security Operations Center data collection, aggregation and correlation in support of Continual Service Improvement efforts
- Serve as Incident Lead for response actions to security incidents including but not limited to External Cyber Attacks, Security Violations, Insider Threat Behaviors, Classified Spillages and Configuration-based Threats
- Represent the Security Team in collaborative efforts across multiple Operations and Maintenance Teams to ensure risk awareness, security best-practices, and to assist these teams in deploying and maintaining the network at the lowest possible risk accepted by the client
- Performs forensic analysis of digital information and gathers and handles evidence
- Identifies network computer intrusion evidence and perpetrators. Investigates computer fraud or other electronic crimes, crack files and system passwords, detects steganography and recovers deleted, fragmented and corrupted data from digital media of all types
- Ensures chain of custody and control procedures, documents procedures and findings in a manner suitable for courtroom presentation and prepares comprehensive written notes and reports
- May be required to testify in court as expert witnesses
- Bachelor's degree in Computer Science or related field and 5+ years experience, or equivalent combination of education and experience
- Five or more years of experience in network, host, data and/or application security in a Windows/Unix/Linux operating environment
- Advanced understanding of Splunk and Enterprise Security to include experience administering these systems, assessing new technologies and integrating those datasets into Splunk, and building queries, dashboards, and monitoring protocols within Splunk
- Understanding of Windows/Linux operating systems and command line tools
- A solid foundation in networking, with a deep understanding of TCP/IP and other core protocols
- Experience with network security tools (e.g. Nessus, Wireshark, Snort)
- Experience with host-based security tools (e.g. Firewalls, IDS/IPS, Proxies)
- Experience reviewing raw log files, and data correlation (i.e. firewall, Netflow, IDS, syslogs)
- Demonstrable knowledge of attack vectors, threat tactics, attacker techniques, and the Cyber Kill Chain
- Knowledge of network-based services and client/server applications
- Experience with programming/scripting languages (e.g.Python/Perl)
- Background in information security operations e.g. incident response and monitoring services
- Experience with enterprise information security data management tools/SIEM such as ArcSight or Splunk
- Experience with improving signature quality and detection through results analysis and team collaboration
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and authentication technologies
- Experience working with internet, web, application and network security techniques
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
- Experience working with NIST Special Publications and C & A process methodology
- Possess one or more security related certifications, preferably GCIH or equivalent, CEH, etc
- Good analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
- Ability to perform and interpret vulnerability assessments
- Ability to administer the operations of a security infrastructure
- Ability to balance and prioritize work
- A willingness to be challenged and a strong desire to learn
12
Cyber Incident Handler Resume Examples & Samples
- Opening tickets on incidents and subsequently tracking completion of the incident handling life cycle for multiple incidents across the regional Defensive Cyberspace Operations Divisions (DCODs)
- Coordinate the flow of information between the ACOIC, the DCODs and CYBERCOM for incident response and reporting
- Coordinating with the Requirements Manager to ensure incidents are properly tracked, escalated, and reported
13
Incident Handler With Top Secret Clearance Resume Examples & Samples
- Serve as a member of a security operations team monitoring all aspects of network security on a 24/7/365 basis
- Contribute to team effectiveness through internal and external training and Continual Service Improvement actions
- Bachelor's degree in Computer Science or related field and 7+ years experience, or equivalent combination of education and experience
- Experience in network, host, data and/or application security in a Windows/Unix/Linux operating environment
14
Incident Handler Cnd Service Provider Analyst Resume Examples & Samples
- MUST have an active TS/SCI clearance,
- MUST meet DoD 8570 IAT Level II requirements (Security+ ce; CCNA-Security, SSCP, GSEC)
- Must possess a CND Analyst certification such as: GCIH, CSIH or C|EH
- Must have experience working within a CERT/IRT, SOC, NOC or Forensic Analysis environment
- Strong communication skills, to include provide formal (oral/written) briefings to customer
- Must have working knowledge of Microsoft Office products and Windows operating systems
- Must have the ability to perform critical thinking to solve Cybersecurity/C2 related problems
- Must have the ability to drive process improvements and identify gaps
- Must be proactive in engaging with stakeholders
- Must be a self-starter and require minimal oversight
- Bachelor's Degree or higher in Computer Science, Information Security or similar, preferred
- 1-3 years supporting DoD entities with Cyber Security, Law Enforcement or Counter Intelligence
- Experience with a wide range of security products to identify/respond to network intrusions
- Must be willing to work shifts to meet 24/7 requirement
- Must be willing to learn new applications, operating systems, tactics, techniques and procedures
15
Incident Handler Resume Examples & Samples
- Analyzes security events in partnership with other support organizations to counteract malicious activity detected on the network
- Assists in conducting both Internet and conventional research to complete technical analysis and testing
- Assists in researching security events using complex technical and analytical tools and methods to protect customer information systems and networks
- Implements methods and tools that support Computer Network Defense Service Provider Program (CNDSP) operations in support of the customer's mission
- Analyzes security events using approved tactics, techniques, tools and procedures
- Elevates security events for further investigation
- Provides input for security incident reports
- Performs intermediate-level risk analyses tasks, which also includes risk assessment
- Knowledgeable of Security/Information Assurance (IA) products such as PKI, VPN, firewalls, and intrusion detection and prevention systems
- Travel to other countries may be required
- Other duties as documented in the Statement of Work (SOW)
- Information Assurance Technician Level II (IAT II)
16
Cybersecurity Incident Handler Resume Examples & Samples
- Incident response best practices and procedures
- Kali Linux distribution of tools
- Linux OS
- Ability to diagnose, troubleshoot, and triage a variety of security incidents and events
- Threat hunting (proactively seeking threat actors within environment)
- Strong critical thinking skills - be able to think outside the box when diagnosing and dealing with security incidents
- Review of event logs
- Reading packet captures
- Networking principles
- SQL databases
- Knowledge of scripting/programming languages
17
Cyber Incident Handler Resume Examples & Samples
- Experience with event escalation and reporting procedures and network investigation support
- Ability to learn and adapt quickly and demonstrate analytical expertise, strict attention to detail, critical thinking, logic, and solution orientation
- Security+ CE and CEH or GCIH Certifications
- AA or AS degree
18
Incident Handler With Top Secret Clearance Resume Examples & Samples
- Designs and develops new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks
- Ensures system security needs established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning and provides analytical support for security policy development and analysis
- Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues
- May interface with external entities including law enforcement, intelligence and other government organizations and agencies
19
Cyber Incident Handler Resume Examples & Samples
- Experience with systems administration, network engineering, and security engineering
- Knowledge of how host and network log sources apply to investigations, IR methodology in investigations, and the groups behind targeted attacks and their tactics, techniques, and procedures (TTPs)
- Ability to respond professionally to customer requests regarding Cybersecurity threats and best practices
- Ability to monitor shared mailbox and ticket queues, communicate ownership and next steps within the team, and monitor internal social media for questions and reports on Cybersecurity
- Ability to work well under pressure, including rapidly scoping and investigating incidents
- Ability to leverage analytical expertise, pay strict attention to detail, apply critical thinking, logic, and solution orientation, and learn and adapt quickly
- Experience with performing host or network incident response, malware analysis, or forensics
- Experience with network forensics and intrusion analysis, including performing independent research and reporting on findings
- Ability to show originality and creativity during problem solving
- Possession of excellent oral and written communication skills, including communicating effectively under both normal and stressful situations
- BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred; MA or MS degree in Engineering, CS, Information Security, or Information Systems a plus
- Industry-Recognized Information Security Certifications, including CISSP, Security+, or SANS
20
Incident Handler Resume Examples & Samples
- Strong written and spoken communications skills
- "Threat Hunter" mentallity
- Inquisitive and always probing for solutions to problems and tasks
- Past experience with computer forensics--imaging and diagnostics of compromised and affected computers and networks
- Some programming language skills (C#, Python, PHP--not all 3 just at least one)