Job Description :

•        Minimum 2 Year experience working in a 24/7 Cyber Security Operation Center Environment will give priority

•        Hands on experience working on SIEM (IBM QRadar, LogRhythm, SPLUNK, Allien Vault etc.)

•        Proficient in Windows and Linux operating system

•        Working knowledge of database and operating system security

•        Investigate and respond to system alerts generated by firewall, IDS/IPS, SIEM, Active Directory monitoring.

•        Good knowledge APT actors; their tools, techniques, and procedures (TTPs)

•        Experience with one or more scripting languages (Powershell, Python, Bash, etc.) and experience with integration of threat hunting and cyber threat intelligence into the incident response process

•        Knowledge of TTP methods and frameworks, TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB

•        Knowledge of one or more - Windows/AD file system, registry functions and memory artifacts, Unix/Linux file systems and memory artifacts, Mac file systems and memory artifacts,

•        BA/BS in Computer Science, Information Security, Information Systems, Engineering or related work experience

•        Having Security Certification will be preferred (e.g. IBM QRadar, CEH etc.)