The Incident Response Specialist will report to the VP, Information Response and Remediation.

The Specialist is a highly skilled and experienced analyst with a focus on controlling and
handling information security incidents, developing and improving incident response processes,
tools, and capabilities.
The Specialist will respond to customer major information security incidents, as the lead
controller and handler. Drawing additional resources from our technical consulting teams, the
Specialist will build and lead teams to go onsite with the customer to respond and remediate
active threats. As a primary interface to customers in crisis, the Specialist will have excellent
communication and organizational skills, to support the efficient and smooth handling of
incidents. The Specialist will have strong skills in collaborating and supporting junior incident
handlers. The Specialist may be required to support customers by developing and testing Incident
Response plans.
The Specialist will evaluate, develop, select, document and implement tools, processes, and
methods to continuously improve the Incident Response service.
The Specialist will engage, support, and promote all Herjavec Group teams and services, and
maintain a positive relationship with sales teams to support customers with appropriate technical
controls and consulting services.
Responsibilities
Assist with developing, operating, and continuously improving the IRR services
Support IRR incidents as a primary incident controller and handler for customer IRR
engagements
Write engagement closeout reports
Train, develop, coach, and supervise junior and ad-hoc responders (controllers and handlers)
Maintain and develop relationships with all consulting and technical support leaders and
team members
Ability to communicate with a customer in a clear and precise manner
Maintain and improve capabilities for Incident Response, including researching, selecting,
and implementing toolsets and processes.
Desired Skills and Experience
College Diploma or University Degree in Information Security or relevant security up-todate certificates and/or equivalent work experience
Demonstrated experience in handling or controlling large and complex information security
incidents, including experience in leading incident management and digital forensics processes
GIAC Certified Incident Handler certification preferred
Specific skills in: FW, malware analysis, packet analysis, log analysis, and security
architecture desirable
Minimum 5 years' experience in IT security field

The following will be considered an asset:

Certifications such as CISSP, GIAC CIH, OSCP, ITIL, COBiT, or SABSA

Working knowledge of NIST SP800-61r2 and ISO 27035
Knowledge of ISO information security standard families, particularly ISO 27001 and 27002
Security threat and attack countermeasures
Practical skills in digital forensics

Non-Technical Skills:
Excellent communications skills (active listening, written, oral)
Client facing communication (report issues to customer in a timely manner, demonstrate
expertise of the overall business unit, develop presentations to highlight results and solutions,
etc.)
A positive and constructive minded team player
Strong troubleshooting, reasoning and problem solving skills
Team player with ability to work autonomously