Description
- Minimum of 5 years of experience working in a Security Operations Center functioning in a Security Analysis, Incident Response, Attack Analysis, or Computer Network Defense (CND) capacity
- This role requires experience effectively communicating event details and technical analysis to technical audiences within the global cyber organization and other technology groups.
- Knowledge of TCP/IP, IPv6, UNIX, Windows, HTTP and related network tools is required
- The ideal candidate will have a technical background with significant previous experience in an enterprise environment with the following:
- Comprehensive understanding of regular expressions
- Understanding of database structure and queries
- Knowledge of common network tools (e.g., ping, traceroute, nslookup)
- Comprehensive understanding of network services, vulnerabilities and attacks
- Ability to decode packet captures and perform packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump)
- Skilled in conducting vulnerability scans and recognizing vulnerabilities in security systems
- Knowledge of Intrusion Detection System (IDS) tools and applications
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies
- Experience with Malware / Reverse Engineering with ability to assist in Static and Dynamic Analysis
- Knowledge of how to troubleshoot basic systems and identify operating-system-related issues
- Knowledge of Windows/Unix ports, services and the command line (in particular the Unix command line)
- Comprehensive knowledge of network design, defense-in-depth principles and network security architecture
- Experience with reviewing raw log files, data correlation, and analysis (e.g., firewall, network flow, IDS, system logs)
- Skilled in network mapping and recreating network topologies
- Experience with a scripting language such as Perl, Ruby, Python, or Bash
- Experience in host forensics
- Experience with log analysis and security event correlation tools (e.g., ELK, Splunk Enterprise Security)
Skills
Cybersecurity