Proven working experience 2-3 year(s)) in a security operations center (SOC).
Hands-on experience with security tools (e.g., SIEMs like Splunk or QRadar, antivirus/EDR, firewalls).
Basic understanding of networking (TCP/IP, DNS, VPNs) and common attack vectors (phishing, malware, etc.).
Familiarity with log analysis and threat detection.
Strong analytical, communication, and problem-solving skills.
Sentinal One Endpoint Detection & Response through investigation on incidents or other EDR tools.
Strong understanding of MITRE ATT&CK framework and modern threat actor behaviors.
Understanding of EDR evasion, lateral movement, privilege escalation, and persistence techniques.
understanding of fundamental cybersecurity concepts, including network security, endpoint security, and common attack vectors.
Reporting, Coordination & Escalation of incidents & service requests.
Maintain documentation and technical/services tracker as per agreed SLA.
Should have completed any technical workshop or course.