Qualifications
- This role requires a wide variety of strengths and capabilities, including:
- Good level of knowledge in network fundamentals, for example; OSI Stack, TCP/IP, DNS, HTTP(S), SMTP
- Good level of understanding in the approach threat actors take to attacking a network; phishing, port scanning, web application attacks, DDoS, lateral movement
- Experience or demonstrable knowledge in log analysis and PCAP analysis
- Knowledge in Windows and/or Linux operating systems, how to investigate them for signs of compromise
- Foundational understanding of file analysis; extracting indicators, providing a report, implementing mitigations
- Basic understanding for Cloud architecture and how an attacker can utilize these platforms
- Foundational level of scripting knowledge is desirable
- Ability to demonstrate the right approach to investigating alerts and/or indicators and document your findings in a manner that both peer and executive level colleagues can understand
- Appreciation of the wider roles of interconnecting Cyber Security teams and collaboration with each of those (i.e. Forensics / Threat Intelligence / Penetration Testing / Vulnerability Management / Purple Teaming etc)
- Willing to work a shift pattern that includes weekend work every four weeks