ENISA Profiles » Cyber Incident Responder

Price: 2180 €

Schedule: Mondays, Wednesdays and Thursdays, 18:00 to 22:00

Format: Online

Number of hours: 30 h

Duration: 4 weeks

Alternative Title(s)

  • Cyber Incident Handler
  • Cyber Crisis Expert
  • Incident Response Engineer
  • Security Operations Center (SOC) Analyst
  • Cyber Fighter/Defender
  • Security Operation Analyst (SOC Analyst)
  • Cybersecurity SIEM Manager

Summary Statement

Monitor the organisation’s cybersecurity state, handle incidents during cyber-attacks and assure the continued operations of ICT systems.

Mission

Monitors and assesses systems’ cybersecurity state. Analyses, evaluates and mitigates the impact of cybersecurity incidents. Identifies cyber incidents’ root causes and malicious actors. According to the organisation’s Incident Response Plan, restores systems’ and processes’ functionalities to an operational state, collecting evidence and documenting actions taken.

Deliverable(s)

  • Incident Response Plan
  • Cyber Incident Report

Main Task(s)

  • Contribute to the development, maintenance and assessment of the Incident Response Plan
  • Develop, implement and assess procedures related to incident handling
  • Identify, analyse, mitigate and communicate cybersecurity incidents
  • Assess and manage technical vulnerabilities
  • Measure cybersecurity incidents detection and response effectiveness
  • Evaluate the resilience of the cybersecurity controls and mitigation actions taken after a cybersecurity or data breach incident
  • Adopt and develop incident handling testing techniques
  • Establish procedures for incident results analysis and incident handling reporting
  • Document incident results analysis and incident handling actions
  • Cooperate with Secure Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs)
  • Cooperate with key personnel for reporting of security incidents according to applicable legal framework

Key Skill(s)

  • Practice all technical, functional and operational aspects of cybersecurity incident handling and response
  • Collect, analyse and correlate cyber threat information originating from multiple sources
  • Work on operating systems, servers, clouds and relevant infrastructures
  • Work under pressure
  • Communicate, present and report to relevant stakeholders
  • Manage and analyse log files

Key Knowledge

  • Incident handling standards, methodologies and frameworks
  • Incident handling recommendations and best practices
  • Incident handling tools
  • Incident handling communication procedures
  • Operating systems security
  • Computer networks security
  • Cyber threats
  • Cybersecurity attack procedures
  • Computer systems vulnerabilities
  • Cybersecurity-related certifications
  • Cybersecurity related laws, regulations and legislations
  • Secure Operation Centres (SOCs) operation
  • Computer Security Incident Response Teams (CSIRTs) operation

e-Competences (from e-CF)

A.7. Technology Trend Monitoring (Level 3)
B.2. Component Integration (Level 2)
B.3. Testing (Level 3)
B.5. Documentation Production (Level 3)
C.4. Problem Management (Level 4)
