- Collecting and analyzing detailed host information through host monitoring tools – including command line tools as necessary
- Collecting and analyzing detailed network information through network monitoring tools – including StealthWatch, Blue Coat SAP, Wireshark, etc.
- Collecting and analyzing detailed enterprise logs using QRadar and Log Parser Lizard, and collecting logs directly from systems where necessary
- Analyzing malware and malware delivery methods using tools and skillsets such as OfficeMalScanner, automated malware sandboxes, PDF Dumper/Stream/Parser, Joe Sandbox, XORSearch, strings, script analysis and de-obfuscation
- Working knowledge of SIEM tools such as QRadar
- Experience with security tools such as Wireshark, Damballa, PDF analyzers and Sysinternals tools
- Hands-on experience with incident response activities such as malware analysis and phishing analysis
- Experience analyzing malware, JavaScript and other code in a sandbox environment
- Good understanding of and hands-on experience with PKI
- Good understanding of vulnerability management.
- Good analytical skills
- Good understanding of and hands-on experience with endpoint security (AV, anti-malware, etc.)
- Ability to interface with end users and different technology teams to resolve security issues
- Bachelor’s degree required.
- Minimum of 1 year of security monitoring/incident response experience
- Excellent presentation, communication and reporting skills
- Ability to follow policies and procedures
- Teamwork skills
- Industry-specific certifications
- Experience working with globally distributed delivery teams