Lead handler job description
Updated March 14, 2024
4 min read
Find better candidates in less time
Post a job on Zippia and take the best from over 7 million monthly job seekers.
Example lead handler requirements on a job description
Lead handler requirements can be divided into technical requirements and required soft skills. The lists below show the most common requirements included in lead handler job postings.
Sample lead handler requirements
- Bachelor's degree in a related field.
- At least 5 years of experience in a leadership role.
- Strong knowledge of applicable laws and regulations.
- Proficiency in managing personnel and resources.
- Knowledge of industry best practices.
Sample required lead handler soft skills
- Excellent communication and interpersonal skills.
- Strong organizational and problem-solving skills.
- Ability to work independently with minimal supervision.
- Ability to prioritize tasks and manage multiple projects.
- Excellent ability to motivate teams and build morale.
Lead handler job description example 1
SOS International lead handler job description
**Overview**
SOS International LLC (SOSi)is seeking a **24/7** **Incident Handling Lead** in **Ft. Huachuca, AZ** . The 24/7 Incident Handling Lead reports to the DCO Branch Manager and is responsible for collecting and analyzing event information and performing threat or target analysis duties.
**Responsibilities**
+ Perform event triage & escalation, sensor monitoring, cyber incident investigation, cyber event analysis & correlation, log analysis, and malware analysis.
+ Act as the primary escalation point for all Incident Handling and Incident Response actions across the 24/7 team.
+ Maintain 24/7 scheduling and callback procedures to ensure adequate support to the Incident Handling and Incident Response missions.
+ Detect, document, and report potential or confirmed incidents and security issues.
+ Oversee 24/7 analysis of events utilizing ArcSight Security Information Event Management (SIEM) systems, Big Data Analytics (Gabriel Nimbus), and other supporting platforms or applications.
+ Conduct incident handling actions in accordance with CJCSM 6510.01b, established operational procedures, and providing recommendations in the best interest of protecting the DoDIN.
+ Coordinate and perform incident response investigations providing leadership with details to make critical security decisions.
+ Conduct quality control of incidents and investigations to maintain compliance with applicable policies.
+ Develop recommendations to enhance detection capabilities and implement mitigation measures in response to general or specific threats (attempted exploits, attacks, malware delivery, etc.).
+ Assist in designing and integrating custom rules and reports within data collection platforms.
+ Prepare technical summaries and briefings.
+ Provide technical expertise regarding the defense of information systems and networks.
+ Correlate event data to create situational awareness and trend analysis reports.
+ Conduct root cause analysis to identify, diagnose, and resolve cyber security problems.
+ Develop and maintain TTPs and SOPs on Incident Handling and Incident Response.
+ Work with vendors to evaluate new products and resolve equipment design problems.
+ Provide guidance and work leadership to less-experienced cyber security analysts and other technical staff.
+ Maintain current knowledge of relevant technologies as assigned.
+ Update SmartBooks associated with current knowledge of relevant technologies as assigned.
+ Participate in special projects as required.
+ Potential to lead/manage high level administrative/technical taskings without assistance.
+ Collaborate with external agencies, LE/CI, GTMs, Branch Chiefs, Division Chiefs and RCC-C Leadership.
**Qualifications**
• Active in scope Top Secret (TS) with eligibility for Sensitive Compartmented Information (SCI) clearance or the abililty to obtain an Interim Top Secret with SCI eligibility
• HS +12 years of experience, or AA/AS +10, or BA/BS +8
• An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
• CSSP-IR Certification
**Preferred Qualifications**
+ ITIL Foundation Certification
+ Familiarity with the following computer network defense technologies:
+ Security Information and Event Management (SIEM) systems
+ Network and Host Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS)
+ Network and Host malware detection and prevention
+ Network traffic analysis tools
+ Basic understanding of how to analyze the following data sets:
+ Proxy logs
+ Firewall logs
+ PCAP data
+ Host based security event alerts
+ Windows system and event logs
+ Basic problem solving
+ The ability to multi-task
+ Customer service
+ Fluency in a foreign language isdesirable, but not required.
**Working Conditions**
+ Working conditions are normal for an office environment.
+ Fast paced, deadline-oriented environment.
+ May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)
SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.
**Job Locations** _US-AZ-Fort Huachuca_
**Job Post Information* : Posted Date** _7 months ago_ _(3/18/2022 4:00 PM)_
**_ID_** _2022-5768_
**_Location : Location_** _US-AZ-Fort Huachuca_
**_Potential for Remote_** _No_
**_Clearance Requirement_** _Top Secret/SCI_
**_Job Requires Relocation_** _Yes_
**_Job Requires Relocation_** _Yes_
SOS International LLC (SOSi)is seeking a **24/7** **Incident Handling Lead** in **Ft. Huachuca, AZ** . The 24/7 Incident Handling Lead reports to the DCO Branch Manager and is responsible for collecting and analyzing event information and performing threat or target analysis duties.
**Responsibilities**
+ Perform event triage & escalation, sensor monitoring, cyber incident investigation, cyber event analysis & correlation, log analysis, and malware analysis.
+ Act as the primary escalation point for all Incident Handling and Incident Response actions across the 24/7 team.
+ Maintain 24/7 scheduling and callback procedures to ensure adequate support to the Incident Handling and Incident Response missions.
+ Detect, document, and report potential or confirmed incidents and security issues.
+ Oversee 24/7 analysis of events utilizing ArcSight Security Information Event Management (SIEM) systems, Big Data Analytics (Gabriel Nimbus), and other supporting platforms or applications.
+ Conduct incident handling actions in accordance with CJCSM 6510.01b, established operational procedures, and providing recommendations in the best interest of protecting the DoDIN.
+ Coordinate and perform incident response investigations providing leadership with details to make critical security decisions.
+ Conduct quality control of incidents and investigations to maintain compliance with applicable policies.
+ Develop recommendations to enhance detection capabilities and implement mitigation measures in response to general or specific threats (attempted exploits, attacks, malware delivery, etc.).
+ Assist in designing and integrating custom rules and reports within data collection platforms.
+ Prepare technical summaries and briefings.
+ Provide technical expertise regarding the defense of information systems and networks.
+ Correlate event data to create situational awareness and trend analysis reports.
+ Conduct root cause analysis to identify, diagnose, and resolve cyber security problems.
+ Develop and maintain TTPs and SOPs on Incident Handling and Incident Response.
+ Work with vendors to evaluate new products and resolve equipment design problems.
+ Provide guidance and work leadership to less-experienced cyber security analysts and other technical staff.
+ Maintain current knowledge of relevant technologies as assigned.
+ Update SmartBooks associated with current knowledge of relevant technologies as assigned.
+ Participate in special projects as required.
+ Potential to lead/manage high level administrative/technical taskings without assistance.
+ Collaborate with external agencies, LE/CI, GTMs, Branch Chiefs, Division Chiefs and RCC-C Leadership.
**Qualifications**
• Active in scope Top Secret (TS) with eligibility for Sensitive Compartmented Information (SCI) clearance or the abililty to obtain an Interim Top Secret with SCI eligibility
• HS +12 years of experience, or AA/AS +10, or BA/BS +8
• An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
• CSSP-IR Certification
**Preferred Qualifications**
+ ITIL Foundation Certification
+ Familiarity with the following computer network defense technologies:
+ Security Information and Event Management (SIEM) systems
+ Network and Host Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS)
+ Network and Host malware detection and prevention
+ Network traffic analysis tools
+ Basic understanding of how to analyze the following data sets:
+ Proxy logs
+ Firewall logs
+ PCAP data
+ Host based security event alerts
+ Windows system and event logs
+ Basic problem solving
+ The ability to multi-task
+ Customer service
+ Fluency in a foreign language isdesirable, but not required.
**Working Conditions**
+ Working conditions are normal for an office environment.
+ Fast paced, deadline-oriented environment.
+ May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)
SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.
**Job Locations** _US-AZ-Fort Huachuca_
**Job Post Information* : Posted Date** _7 months ago_ _(3/18/2022 4:00 PM)_
**_ID_** _2022-5768_
**_Location : Location_** _US-AZ-Fort Huachuca_
**_Potential for Remote_** _No_
**_Clearance Requirement_** _Top Secret/SCI_
**_Job Requires Relocation_** _Yes_
**_Job Requires Relocation_** _Yes_
Post a job for free, promote it for a fee
Resources for employers posting lead handler jobs
Average cost of hiring
Recruitment statistics
How to write a job description
Examples of work conditions
Lead handler job description FAQs
Ready to start hiring?
Updated March 14, 2024
Updated March 14, 2024