Responsibilities:
- A minimum of 3 to 4 years of cyber security experience.
- Experience working with Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) technologies.
- In-depth understanding of Endpoint Detection and Response (EDR) tools.
- Experience developing scripts in Python or PowerShell.
- Strong communication skills (listening, verbal and written).
- Hands-on experience in a SOC, performing investigations and managing incidents.
- Hands-on experience with open source and commercial threat intelligence and malware analysis tools.
- Experience analysing security events to determine whether they are true positives or false positives.
- Understanding of threat hunting tools, techniques and frameworks.
- Understanding of threat vectors and experience performing root cause analysis.
Basics:
Good understanding of network and security technologies (routers, switches, firewalls, endpoint detection and response, endpoint protection platforms, email threat protection).
Any of the following will be considered a bonus:
- In-depth understanding of the Microsoft Defender ecosystem.
- Experience with red team assessment methodologies.
- Experience writing and tuning malware detection signatures.
- Experience with security technologies (IDS, IPS, firewalls, AV, proxies, DLP, PKI, SSL/TLS, SSL visibility, VPN) and with using APIs for data sharing.