Security Operations Analyst (SIEM Technologies)

Full Time | Valencia, Spain or Remotely within the CET/GMT time zone

If you like this offer, please send your CV mentioning the job title to: recruitment@united-its.com

Location: Valencia, Spain, or Remote working on the CET time zone

Teleworking option: Yes

Required Technical Skills

The resource MUST have the following skills and experience:

• Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
• Deep knowledge of Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR)
• Deep knowledge of Cloud technologies (e.g. Azure, AWS and GCP)
• Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
• Knowledge of at least one EDR solution (MS Defender for Endpoint, SentinelOne, CrowdStrike)
• Knowledge of email security, network monitoring, and incident response
• Knowledge of Linux/Mac/Windows
• A minimum of five (5) years of relevant experience in the information technology field, including triage of alerts and supporting security incidents
• Proven experience in reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
• Proven experience in administering a SIEM platform, preferably either Splunk or Microsoft Sentinel SIEM
• Expert knowledge of English, both written and spoken, is required

The resource SHOULD have the following skills and experience:

• Proven knowledge of monitoring AWS environments (IaaS, SaaS, PaaS)
• Knowledge of at least one general-purpose or shell scripting language (e.g. Ruby, Bash, PowerShell, Python, etc.)
