- Over 6 years experience in Cyber Security, Application Implementation, Configuration Management and/or Cyber Operations
- Experience in Application Implementation, Configuration Management, Cyber Operations
- Preferred Certifications (any in the list): CCSP, Azure, AWS or GCP , CISSP, CRISC, OSCP, CEH, GPEN
- In-Depth security monitoring experience with one or more SIEM technologies and intrusion detection, prevention technologies.
- Extensive project management experience in deploying security-related initiatives
- Strong understanding Cloud environment’s Security monitoring components
- Strong understanding of security risks , threats, and vulnerabilities and the judgment
to assess and articulate risk effectively.
- Extensive senior level experience in Information Security or Governance, Risk &
Compliance (GRC).
- Third party assessments and audits: extensive experience conducting third part
audits, especially on small sized service providers.
- Extensive experiences working with GRC tools, and good understanding of the risk
management process will be a plus.
- Familiarity with, and ability to articulate application of ISA/IEC 62443 standards and
Purdue model will be a plus.
- Strong understanding of networking principles including TCP/IP, WANs, LANs, and
commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
- Excellent understanding of the cyber-kill chain model and associated technologies,
and detection/mitigation techniques such as firewalls, traffic scrubbing, signature-based
detection and 0-day detection.
- Expertise in security protection solutions including firewall, intrusion detection and
protection systems, web application firewalls, anti-virus, and security monitoring
solutions.
- Familiarity with Industrial Control Systems, PLCs, and SCADA Systems IS A Plus
Technical expertise in IT/OT integration and convergence.