- Hands-on experience with vulnerability identification and the vulnerability management process
- Hands-on experience with SIEMs, especially detection of new threats
- Experience with customizing and tuning SIEM systems
- Know-how regarding LAN / WLAN protocols (being able to detect anomalies)
- Experience with LAN/WLAN security, Ethernet/UDP/TCP/IP protocols, PKI infrastructure, encryption methods
- Practical experience with configuration and verification of IDS/IPS systems, especially effectively connecting them to SIEM systems
- Practical hands-on experience with automation tools
- Basic experience with scripting languages
- CCNA Security, CISSP, CISA, or CISM
- Daily work creating and verifying customized vulnerability reports and analysing / customizing the SIEM system
- Rating vulnerabilities and preparing analyses of security risks and the influence of vulnerabilities on the IT infrastructure
- Anomaly detection for known threats
- Researching security countermeasures and suggesting them for implementation
- Support for analysis of complex SIEM cases (CSOC Level 2, CSOC Level 3)
- Support for creating new SIEM use cases with the needed documentation