The consultant’s primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. This includes protection of both the cloud and on-premises infrastructures, monitoring metrics and data to identify suspicious activity, and identifying and mitigating risks to information systems.
Required Skills:
- Knowledge of common indicators of compromise and of methods for detecting these incidents
- Knowledge of IT core infrastructure and cybersecurity components/devices
- Experience monitoring threats via a SIEM console with significant experience performing analysis of log files from a variety of sources, including individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
- Knowledge of diverse operating systems, networking protocols, systems administration, and system forensic investigation techniques
- 3+ years of experience working in a Security Operations Center or related position
- Familiarity with Cyber Kill Chain, MITRE ATT&CK, and NIST Cybersecurity Frameworks
Applicable certifications including Security+, CEH, GIAC, CASP, CISSP