- Analyze and correlate events from diverse network, end-point, application, and security log sources to identify security threats and incidents.
- Track anomalies through pattern analysis, heuristics, and cognitive analysis
- Incident response
- Configuration management
- Reporting: respond to incidents and escalate as necessary, according to documented procedures
- At least 7 years direct architectural experience designing and deploying security technologies focused on SIEM/Threat Intelligence
- At least 7 years hands-on experience with common, enterprise grade IT and Security technologies from major vendors
- Sound theoretical and practical knowledge of current information security tools and technologies such as network access control (NAC), security information and event management (SIEM), network- and host-based intrusion detection systems (IDS), web and email content filtering, data loss prevention (DLP), log correlation and management, vulnerability scanning and remediation, firewall monitoring and optimization, and DDoS mitigation
Nice to Have Skills
- Security certifications such as C|CISO, CISSP, CISM, CRISC, CGEIT, CBCP, CCSK, SSCP, CVI, ITILv3