Must be able to obtain a Baseline clearance.
Essential Criteria
• Demonstrable experience in content development with at least 2 SIEM technologies (Splunk, Elastic, QRadar, MS Sentinel)
• Experience in a Detection Engineering practice
• An understanding of the Sigma detection rule syntax
• Experience with SOAR technologies and playbook development
• Experience with EDR technologies (Carbon Black, CrowdStrike, Defender ATP)
• A thorough understanding of the cyber threat intelligence lifecycle
• Knowledge of scripting languages (Bash, Python)
• Strong organisational and teamwork skills.
• Professional Certifications, such as GIAC
• Minimum 5 years of cyber security operations experience