Job Qualifications

• 7+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 - 7 years of experience in Information Security
• Extensive experience in Incident Response, Incident Handling and Security Operations
• Advanced knowledge and expertise of using SIEM technologies for event investigation
• Basic understanding of incident handling/incident response techniques within a cloud-based environment such as Google Cloud, Azure or AWS

Security Certifications Preferred:

• Certified Incident Handler (GCIH)
• Certified Intrusion Analyst (GCIA)
• Certified Penetration Tester (GPEN)
• Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)
• Certified Information Systems Security Professional (CISSP)
• Networking Certifications (CCNA, etc.)
• Platform Certifications (Microsoft, Linux, Solaris, etc.)

Preferred Competencies

• Advanced event analysis leveraging SIEM tools
• Advanced incident investigation and response skillset
• Advanced log parsing and analysis skillset
• Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
• Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
• Advanced knowledge of malware operation and indicators
• Advanced knowledge of penetration techniques
• Moderate to Advanced knowledge of DDoS mitigation techniques
• Moderate to Advanced knowledge or IDS/IPS systems
• Moderate to Advanced knowledge of Windows and Unix or Linux
• Moderate knowledge of Firewall and Proxy technology
• Moderate knowledge of Data Loss Prevention monitoring
• Moderate knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud)
• Moderate experience with Scripting
• Moderate knowledge of forensic techniques
• Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
• Moderate knowledge of audit requirements (PCI, HIPPA, SOX, etc.)