Bachelor’s degree or equivalent practical experience.
6 years of experience in either system design or in one programming language (Java, C++, Python, etc.).
6 years of experience in technical troubleshooting, and managing internal/external partners or customers.
Experience working with incident response investigations, analysis, and containment actions.
Experience with network forensics, malware triage analysis, cloud forensics, and disk and memory forensics.
Active US Government Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance with polygraph.
Preferred qualifications:
Experience in SIEM event analysis, triage, and investigation.
Experience with security impact assessment and formal reporting.
Knowledge of security event management, leveraging common support systems (e.g., ServiceNow) to document and manage the lifecycle of an incident.
Knowledge of technical requirements development for SecStack tooling (e.g., Splunk, Elasticsearch, Google SecOps/Chronicle + SCC, Trellix Endpoint Detection and Response (EDR), IDS/IPS, etc.).
Tier 1/Tier 2 Analyst Support and Technical Mentorship.