Job Requirements:
- Deep understanding of the logging mechanisms of Windows, Linux, and macOS platforms, and of networking
- Threat Hunting
- Understanding of attacker techniques that leverage email and cloud-service tactics.
- Experience with advanced persistent threats and human adversary compromises.
- Security Operations Centre work experience
- Identify potential risks, threats, vulnerabilities and exploits through malware analysis, vulnerability scanning, threat hunting, secure code review and penetration testing
- Document findings and drive remediation validation of identified vulnerabilities
- Proficiency with any of the following: EDR, Anti-Virus, Threat Hunting, Host-Based Forensics, Network-Based Forensics, and Encryption
- In-depth knowledge of architecture, engineering, and operations of any one enterprise SIEM platform (e.g. ArcSight, QRadar, LogLogic, Splunk)
- Expertise in IRP (Incident Response Playbook) creation and execution
- Good communication skills to coordinate among various stakeholders of the organization
- Visibility and detection in cloud environments
- True-positive incidents will be transitioned to the Incident Handler/Commander for management
Nice to Have:
- Scripting skills for automation in Windows, Linux and Unix environments
- Good understanding of the offensive and defensive side of security
- Excellent communication skills