Job Description:
• Minimum 2 years' experience working in a 24/7 Cyber Security Operations Center (SOC) environment will be given priority
• Hands-on experience working with SIEM platforms (IBM QRadar, LogRhythm, Splunk, AlienVault, etc.)
• Proficient in Windows and Linux operating systems
• Working knowledge of database and operating system security
• Investigate and respond to alerts generated by firewalls, IDS/IPS, SIEM, and Active Directory monitoring
• Good knowledge of APT actors and their tools, techniques, and procedures (TTPs)
• Experience with one or more scripting languages (PowerShell, Python, Bash, etc.) and with integrating threat hunting and cyber threat intelligence into the incident response process
• Knowledge of TTP methods and frameworks, TCP/IP communications, and how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Knowledge of one or more of: Windows/AD file systems, registry functions and memory artifacts; Unix/Linux file systems and memory artifacts; Mac file systems and memory artifacts
• BA/BS in Computer Science, Information Security, Information Systems, Engineering or a related field, or equivalent work experience
• A security certification will be preferred (e.g. IBM QRadar, CEH, etc.)