- Knowledge about the (Cyber) Security Incident Lifecycle / Process and corresponding standards
- Understanding of cyber-attack lifecycle (kill-chain etc.) and how to counter each phase
- Understanding of common log management solutions and SIEM platforms, in particular LogRhythm and Elastic (ELK / Elastic SIEM).
- Understanding of common triage activities and initial log (network and host) analysis
- Basic understanding of the threat intelligence lifecycle and how IoCs are used to detect threats.
- Direct experience in the line of SOC/CDC/CERT work (e.g., security monitoring and detection, incident response, network event analysis, threat analysis, threat intelligence or malware analysis)
- Ideally, hold one of the following certifications: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Reverse Engineering Malware (GREM), GIAC Cyber Threat Intelligence (GCTI) or other comparable certification
- Fluent in English
- Strong educational background in network protocols, operating systems and application architectures.
- Hands-on attitude, including automation and tooling of regular tasks using scripting languages