Job Qualifications
- The ideal candidate will have 3+ years of security-related experience in incident triage/incident response
- Experience with a command-line interface and some level of exposure to administering systems and services for various operating systems.
- Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
- Demonstrated ability to analyze, triage and remediate security incidents
- Understanding of security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10
- Ability to manage multiple priorities simultaneously
- Moderate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Moderate knowledge of security-related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
- Moderate protocol analysis experience (Wireshark, tcpdump, Netwitness, Snort, Bro, etc.)
- Basic knowledge of audit requirements (PCI, HIPPA, SOX, etc.)
Security Certifications Preferred (including but not limited to the following certifications):
- Certified Incident Handler (GCIH)
- Certified Intrusion Analyst (GIAC)
- Certified Ethical Hacker (CEH)
- Certified Expert penetration tester (CEPT)
- Certified Information Systems Security Professional (CISSP)
- Networking Certifications (CCNA, etc.)
- Platform Certifications (Microsoft, Linux, Solaris, etc.)