SOC Lead Threat Hunter - Around 8-10 years working experience in Global SOC
- Must have experience in any SIEM Management tool Splunk, QRADAR, HP Arc sight,
- Triage Specialist - Separating the wheat from the chaff.
- Vulnerability Management tools like Tenable, Rapid 7, Qualys, Nmap, Brupsuite etc..
- Experience in conducting VA/PT of Infrastructure and Web Application assessments
- Behavioral anomaly detection to identify emerging threats - Investigations Forensics
- Investigate suspicious activity, contain and mitigatethem
- Cyber Kill Chain MITRE ATTACK Matrix mapping proactive hunting.
- Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures
- Deep investigations/CSIRT, Mitigation/recommends changes, More advanced SME in cybersecurity, Experienced security analyst, understands more advanced features of security tools, thorough understanding of networking and platform architecture (routers, switches, firewalls, security), Ability to dig through and understand various logs (Network, firewall, proxy, app, etc..)
- Good to have either of certifications like, ITIL, CCNA, CEH, etc. - Process and Procedure adherence. - Tier 2 Security Analyst—addresses real security incidents