Education: Bachelor's degree in Computer Science, Information Systems or Information Security, or 3-4 years of related work experience.
Minimum of 3-4 years of experience in one or more of the following:
Working in a Security Monitoring / Security Operations Center (SOC) environment
Experience investigating security events, threats and/or vulnerabilities
Understanding of electronic investigation and log correlation
Proficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (including Active Directory)
Scripting or programming (shell scripting, Python, PowerShell, Perl, Java, etc.)
Conducting detailed security event analysis of network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.) to identify information security incidents
Desired skill: Previous leadership experience as a team lead or supervisor.
Desired Certifications: GCIH, CEH, GCFA, GCIA, GSEC, GIAC, SSCP, Security+
Knowledge, Skills & Experience:
- Extensive experience working with SIEM, log aggregation and incident response management solutions
- Strong technical knowledge of networking, operating systems and enterprise integrations
- Experience managing standards, developing security operations processes, reporting and dashboards
- Excellent communication, collaboration, relationship management and leadership skills
- Self-directed and able to perform tasks without supervision
- Knowledge of information security principles, technologies and practices
- Proven experience with multiple security event detection platforms
- Thorough understanding of TCP/IP
- Ability to understand IDS/IPS rules in order to identify and/or prevent malicious activity
- Demonstrated integrity in a professional environment
- Good social, communication and technical writing skills
- Comfortable navigating and troubleshooting Linux and Windows system issues