Technical Skills and Experience
• Senior or lead experience in Threat Hunting or Incident Response.
• SIEM: Familiarity with SIEM tools and security incident analysis and investigation
• XDR: Familiarity with XDR tools for incident response and threat hunting
• Microsoft Purview: Familiarity with eDiscovery and Content Search for data gathering and investigation
• Cloud Expertise: Azure and Microsoft 365 experience are essential, along with familiarity with their security features (e.g., the Defender suite, Sentinel, Purview).
• Programming and Scripting Skills: Familiarity with languages such as KQL, Python, Bash, PowerShell
• Solid Understanding of TCP/IP, DNS, VPNs, firewalls, proxies, and routing
• Operating Systems Expertise: Proficiency in Windows, Linux, and macOS environments
Equivalent Certifications are Highly Recommended
• Threat Hunting Professional (THP) or equivalent certifications from EC-Council, SANS, CompTIA and others
• Incident Handling Professional (IH) or equivalent certifications from EC-Council, SANS, CompTIA and others
• Digital Forensics Professional (DFP) or equivalent certifications from EC-Council, SANS, CompTIA and others
• Certified Ethical Hacker (CEH): Covers tools and techniques used by hackers, focusing on identifying and mitigating risks.
• CompTIA PenTest+: A vendor-neutral certification covering planning, vulnerability scanning, and reporting.
Soft Skills and Personal Attributes
• Analytical and Problem-Solving Skills: Ability to think creatively to uncover potential anomalies or security weaknesses.
• Attention to Detail: Precision in identifying vulnerabilities and documenting results.
• Communication Skills: Ability to clearly explain technical risks and findings to non-technical stakeholders.
• Teamwork: Strong collaboration skills to work with IT teams, developers, and business units.
• Curiosity and Passion: A desire to stay up to date with the latest security trends and tools.
Familiarity with Tools, Frameworks, and Methodologies
• Tools: Microsoft Sentinel SIEM, Defender XDR Suite, Email Security Gateways, Azure Cloud, Nmap, Zscaler, Tenable
• Methodologies: Understanding of frameworks such as OWASP, NIST Cybersecurity Framework, and MITRE ATT&CK.