EXPERIENCE/KNOWLEDGE
- 7+ years of experience in a cybersecurity role, preferably within a Security Operations function supporting security monitoring and incident response activities.
- Alternatively, 5+ years' experience with an Associate's degree, or 3+ years' experience with a Bachelor's degree.
- Operational experience working with EDR and SIEM platforms to scale analysis and response across a global organization.
- Advanced understanding of incident response methodologies and practical application within a production environment.
- Familiarity with incident response and security operations in hybrid environments spanning on-premises and public cloud infrastructure.
- Technical understanding of the cybersecurity threat landscape and the ability to apply it to threat hunting capabilities and techniques.
- Understanding of malware analysis fundamentals.
- System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
- Ability to clearly and concisely document and explain technical details (e.g. experience writing incident documentation, forensic analysis reports, technical write-ups, etc.).
COMPUTER SKILLS:
- Familiarity with security in various Windows and Linux operating systems (physical and virtual installations).
- Experience with a scripting language such as PowerShell, Perl or Python is a plus.
CERTIFICATIONS: CISSP, CEH, GCIH, GCFA, Security+, OSCP or other relevant industry certifications preferred