Bachelor's degree in Cyber Security or related field, or equivalent work experience 4-years of experience in Security Operation Centers or a similar role with at least 2-years managing all aspects of a Security Operation Center
Formal IT Security/Network Certification such as CompTIA Security+, Network+, ISC2 CC, ISSAP, CCSP, SANS GIAC Certified Intrusion Analyst (GCIA) or SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Continuous Monitoring (GMON) or related Degree
Candidate must have familiarity with Cyber Kill Chain, MITRE ATT&CK, and NIST Cybersecurity Frameworks
Knowledge of common indicators of compromise and of methods for detecting these incidents Knowledge of IT core infrastructure and cybersecurity components/devices
Have demonstrated expertise in developing, implementing, tuning, and automating operations center programs
Experience with scripting preferably with Python/PowerShell
Experience operating and tuning EDR/XDR platforms
Experience monitoring threats via a SIEM console with significant experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
Knowledge of diverse operating systems, networking protocols, and systems administration, and system forensic investigation techniques
Be adept at managing crises; provide front-line coordination in responses to a myriad of crises
Bachelor’s Degree