- Experience: 5+ years in a Security Operations or Incident Response role, including at least 2 years at a Tier 2 or Tier 3 level.
- Expertise: Deep expertise in one or more areas: Memory/Endpoint Forensics, Network Traffic Analysis (Packet Analysis), or Malware Reverse Engineering.
- SIEM/SOAR Mastery: Proven ability to administer, optimize, and write advanced logic/playbooks on a SIEM (e.g., Splunk, QRadar) or SOAR platform.
- Scripting/Automation: Proficiency in Python, PowerShell, or other scripting languages for automating analysis and response tasks.
- Certifications (Highly Preferred): Certified Ethical Hacker (CEH) - Practical, CISSP or other relevant
- Soft Skills: Exceptional written and verbal communication skills to present technical findings to both technical and executive audiences.