What are some good questions to ask to an interviewer (Incident Handler)
willanderson1111
Member Posts: 43 ■■□□□□□□□□
I'm interviewing for an incident handler position (security). Also what type of questions should I expect?
Comments
-
cyberguypr Mod Posts: 6,928 ModI would want to know average number of incidents per day/week/month, metrics used, toolset available, expertise within the team, escalation process, among others. I basically want to know the entity's IR maturity level. If there's no documentation, no automation, no policy, etc., IR can be painful.
What to expect? Depends of course on the job posting but I would be ready to explain the Kill Chain, common IOCs, stuff about timelining, forensic best practices, etc. Extra points if you can talk in a coherent manner about NIST 800-61. More extra points if you tell me how you would've handled a highly publicized incident.