• Ability to work flexible schedules including shift work, weekends, and holidays.
• Experience working in a Security Operations Center or similar environment providing threat monitoring, intrusion detection, analysis, threat determination, mitigations processing and tracking.
• Familiarity with enterprise network topology and architecture.
• Experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other internal teams across security, technology, and business units.
• Experience working with various network and system security technologies to include SIEM, data analytics platforms, end-point tools, network technologies and appliances, etc.
• Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from cyber threat intrusions.
• Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
• Previous experience working with and documenting analysis results in a knowledge, intelligence, and/or case management system.

NICE TO HAVE’S:

• Relevant certifications (Security +, CISSP, GCIA, GCIH, GISF, GCED, GMON, etc.).
• Previous experience working in IT Operations or Network Operations support.
• Hands on experience working with Incident Response and Cyber Threat Intelligence functions.
• Previous experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
• Bachelor’s Degree or higher.