Strong understanding of Modern Authentication, Authorization, and Accounting, including Role-based and Attribute-based Access Controls (RBAC and ABAC) (5+ years)
Strong understanding of Security Information and Event Management (SIEM) methods and tools (5+ years)
Understanding the purpose and structure of the National Vulnerability Database (NVD), Common Vulnerability Database (CVE), Common Weaknesses and Enumeration (CWE), and Common Attack Pattern Enumeration and Classification Database (CAPEC) (5+ years)
Strong understanding of Directory Services, including Active Directory
Understanding of Identity Access Systems (IAM) and Network Access Control (NAC)
Basic understanding of Transact and ANSI Structure Query Language (SQL)
Knowledge of NIST Risk Management Framework (RMF) and Cybersecurity Framework (CSF)
Ability to audit access rights and ensure alignment with policies