
9 SIEM Management Jobs


4.0 - 6.0 years

0 Lacs

Pune, Maharashtra, India

Remote

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS.

Senior Security Operations Analyst

We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats.

What you'll do:
- Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging
- Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities
- Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real time
- Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities
- Perform proactive threat hunting to identify and mitigate advanced threats
- Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation
- Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats
- Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership
- Continuously improve SOC processes and playbooks to streamline operations and response efforts
- Mentor junior SOC analysts and provide guidance on security best practices
- This role requires participation in a rotational shift
- Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed

What you'll bring:
- Strong analytical and problem-solving abilities
- Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams
- Proven ability to remain calm and efficient in a high-pressure environment
- Proficient in using SIEM tools, such as Microsoft Sentinel
- Experience with data migration strategies across SIEM platforms
- Experience with Cloud Security Operations and Incident Response platforms such as Wiz
- In-depth understanding of cyber threats, vulnerabilities, and attack vectors
- Proficient in creating KQL queries and custom alerts within Microsoft Sentinel
- Expertise in developing SIEM use cases and detection rules
- Skilled in incident response and management procedures
- Experienced in conducting deep-dive investigations and root cause analysis for incidents
- Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
- Ability to automate routine SOC processes to enhance operational efficiency
- Experienced in mentoring and guiding junior analysts in security operations
- Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools

Good to have skills and abilities:
- Excellent interpersonal (self-motivational, organizational, personal project management) skills
- Knowledge of vulnerability management and scanning best practices such as the CVE database and the CVSS system
- Ability to analyze cyber threats to develop actionable intelligence
- Skill in using data visualization tools to convey complex security information

Academic Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
- Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
- Experience with SIEM migration
- Expertise in incident response, threat detection, and security monitoring
- Solid understanding of Windows, Linux, and cloud security concepts
- Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
- Preferred Security Cloud Certifications: AWS Security Specialty

Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths, and collaborative culture empower you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel: Travel is a requirement at ZS for client-facing ZSers; the business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.

Considering applying? At ZS, we honor the visible and invisible elements of our identities, personal experiences, and belief systems, the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities, and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives, and experiences. Learn more about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive. If you're eager to grow, contribute, and bring your unique self to our work, we encourage you to apply. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.

To complete your application: Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE.

Find Out More At:

Posted 1 week ago


6.0 - 8.0 years

3 - 15 Lacs

Bengaluru, Karnataka, India

On-site

6 to 8 Years of Relevant Experience
- Must have daily McAfee and SEP hands-on technical experience working with and supporting endpoint customers.
- Managing McAfee-based solutions for VDI environments and SEPM for server-based environments.
- Creating and managing policies; scheduling scans and on-demand scans.
- Need to have implementation, migration and upgrade experience for endpoints covered by the McAfee and Symantec antivirus solutions, across VDI, server, desktop and thin-client endpoints.
- Must have good experience managing the Endpoint Security estate and products (antivirus/antimalware, basic to advanced level of support).
- Must have good experience operating enterprise security applications: administration, implementation, configuration, upgrading, and policy creation.
- Administration of the McAfee ePO and SEPM (Symantec Endpoint Management) environments.
- Configure and resolve complex issues in a geographically dispersed environment.
- Configure Server Tasks to maintain the ePO SQL database, System Tree structure, AD synchronization, policies, etc.
- Monitor and report on security data generated by the McAfee and Symantec solutions; respond to and reduce security threats; provide risk assessments and recommendations.
- Identify process and technical improvements for the environment.
- Establish and maintain configurations and policies.
- Administer McAfee ePolicy Orchestrator (ePO).
- Create ePO queries, manage SEPM (Symantec) policies, and produce reports to collect various deployment statistics as required.
- Experience with the McAfee ePO console.
- Expertise working with various server and desktop operating systems, including Microsoft Windows, UNIX, and Mac OS.
- Strong presentation and verbal communication skills.
- Lead the discovery and documentation of client requirements.
- Produce all project deliverables, including as-built documentation, incident response plans and other security policy considerations.
- General project management and communication requirements.
- Communicate highly technical content to various audiences ranging from client engineers to executive management.

Posted 2 weeks ago


5.0 - 10.0 years

3 - 9 Lacs

Pune, Maharashtra, India

Remote

Job Description

Job Title: Security Operations Center Technology Specialist
Management Level: CL9
Location: Pune PDC3C

Must have skills:
- Minimum of an Associate's degree in Computer Science, Information Technology, Electrical Engineering or a relevant field, with 4 years of security application support
- Minimum of 4 years' experience operating and supporting CCure 9000 and Genetec Omnicast.
- Experience directly supporting security applications in access control, video surveillance, or building management systems within a SOC environment.
- Basic IP networking knowledge, including device configuration and troubleshooting.
- Self-starter mentality: ability to work independently, take initiative, and drive projects to completion.
- Strong cross-functional collaboration skills, working with IT, security, operations, and leadership teams.
- Excellent problem-solving abilities, with a focus on troubleshooting and resolving technical issues efficiently.
- Proficiency in Microsoft Office Suite, particularly Excel, Power BI and SSRS, for reporting and analysis.

Good to have skills:
- Experience with automation leveraging Power Automate.
- Experience with project/task management tools such as JIRA, Smartsheet, Asana, Monday.com, DevOps, or Microsoft Planner.
- Hands-on experience with SOC video wall systems.
- AutoCAD experience
- Excellent organization, analytical, and communication skills
- Rapport and influence building skills
- Excellent customer service
- Ability to learn quickly and to multitask; be adaptable and flexible
- Ability to work autonomously and in a team environment, while paying strict attention to detail
- Ability to adhere to timelines and deadlines with effective time management skills
- Must be able to work with and protect highly confidential information
- Strong decision-making ability during emergencies
- Demonstrated ability to drive organizational change and change management
- Demonstrated ability to influence cross-functional and cross-regional teams to drive collaboration and strategic outcomes for the business
- ASIS CPP and/or PSP certification
- Certified Information Systems Security Professional (CISSP)
- Strong knowledge of ISO 27001 controls and the Risk Management Framework

Job Summary: Accenture's Global Protection and Security (GP&S) team is seeking a skilled security technology specialist to support the regional Security Operations Centers (SOC). Responsibilities include assisting with the management and configuration of electronic access control and security video systems, and acting as the local resource at both SOCs to implement the SOC Technology Manager's priorities. The ideal candidate has a strong background in Software House/HID electronic access control technologies and Genetec's Omnicast video management system, as well as familiarity with industry standards, application and alarm management, and installation and maintenance of systems, along with strong communication skills and the ability to work collaboratively. This role requires a self-starter with strong task management skills, capable of driving initiatives independently while collaborating with cross-functional teams. The ideal candidate will have hands-on experience in electronic access control, security video systems, IT infrastructure, and business intelligence reporting, with a strong focus on system health monitoring, workflow automation, security platform integrations, and troubleshooting networking protocols. The position provides hands-on support for security applications (CCure 9000, Genetec Mission Control, Everbridge, SureView), SOC video wall systems, and networked security devices, while working closely with IT, security operations, and local leadership teams to optimize technology performance and incident response workflows.

Roles & Responsibilities:
- Supports the Security Operations Center (SOC) and liaises with the SOC Technology Manager to support their security technology systems
- Assist with updating access control and video surveillance training materials
- Configure, maintain, and troubleshoot security applications, including CCure 9000, Genetec Security Center, and other access control/video management systems.
- Provide technical support for SOC video walls, ensuring proper functionality of hardware (monitors, controllers, matrix switchers, KVMs, etc.) and software (Genetec Security Desk, CMS platforms, SureView, etc.).
- Support device onboarding, configuration, and software updates for security and SOC hardware.
- Monitor operational security systems for errors, alerts, and system health, proactively resolving issues.
- Work closely with SOC operators to ensure their tools are functional, responsive, and aligned with operational needs.
- Assist with remote troubleshooting and system maintenance for global SOC locations.

Network & Infrastructure Optimization:
- Support IP network configuration and connectivity troubleshooting for security devices and SOC systems.
- Ensure SOC technology integrates properly with IT-managed infrastructure and cloud-hosted platforms.
- Assist in implementing system enhancements for video streaming performance, network reliability, and SOC hardware efficiency.

Incident Response & Cross-Functional Support:
- Act as a technical liaison between SOC teams, IT, and security operations, ensuring seamless security system performance.
- Participate in incident response workflows, helping troubleshoot and escalate security system issues impacting operations.
- Maintain and update SOC technology documentation, including system diagrams, troubleshooting steps, and support playbooks.

Project & Task Management:
- Manage small-to-medium security technology projects, such as video wall upgrades, security system enhancements, and new SOC integrations.
- Collaborate with IT, security, and operations teams to execute technology initiatives and ensure timely delivery of upgrades and improvements.
- Support various project stakeholders by ensuring security video systems meet standards and are installed and configured correctly across all Accenture locations

Posted 1 month ago


8.0 - 10.0 years

8 - 10 Lacs

Delhi, India

On-site

Job Description

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion; it's a place where you can grow, belong and thrive.

Your day at NTT DATA
The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their security infrastructures and systems remain operational. Through proactive monitoring, identifying, investigating, and resolving technical incidents and problems, this role restores service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching the service level agreement (SLA); it focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to or support project work as and when required.

What you'll be doing

Key Responsibilities:
- Proactively monitors the work queues.
- Performs operational tasks to resolve all incidents/requests in a timely manner and within the agreed SLA.
- Updates tickets with resolution tasks performed.
- Identifies, investigates and analyses issues and errors prior to or when they occur, and logs all such incidents in a timely manner.
- Captures all required and relevant information for immediate resolution.
- Provides second-level support to all incidents and requests, and identifies the root cause of incidents and problems.
- Communicates with other teams and clients for extending support.
- Executes changes with clear identification of risks and mitigation plans to be captured into the change record.
- Follows the shift handover process, highlighting any key tickets to be focused on along with a handover of upcoming critical tasks to be carried out in the next shift.
- Escalates all tickets to seek the right focus from CoE and other teams; if needed, continues the escalations to management.
- Works with automation teams for effort optimization and automating routine tasks.
- Ability to work across various other resolver groups (internal and external) like Service Provider, TAC, etc.
- Identifies problems and errors before they impact a client's service.
- Provides assistance to L1 Security Engineers for better initial triage or troubleshooting.
- Leads and manages all initial client escalations for operational issues.
- Contributes to the change management process by logging all change requests with complete details for standard and non-standard changes, including patching and any other changes to Configuration Items.
- Ensures all changes are carried out with proper change approvals.
- Plans and executes approved maintenance activities.
- Audits and analyses incident and request tickets for quality and recommends improvements with updates to knowledge articles.
- Produces trend analysis reports for identifying tasks for automation, leading to a reduction in tickets and optimization of effort.
- May also contribute to or support project work as and when required.
- May work on implementing and delivering Disaster Recovery functions and tests.
- Performs any other related task as required.

Knowledge and Attributes:
- Ability to communicate and work across different cultures and social groups.
- Ability to plan activities and projects well in advance, taking into account possible changing circumstances.
- Ability to maintain a positive outlook at work.
- Ability to work well in a pressurized environment.
- Ability to work hard and put in longer hours when necessary.
- Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
- Ability to adapt to changing circumstances.
- Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.

Academic Qualifications and Certifications:
- Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
- Certifications relevant to the services supported. Certifications carry additional weightage on the candidate's qualification for the role.
- CCNA certification is a must; CCNP in Security or PCNSE certification is good to have.

Required Experience:
- Moderate level of relevant managed services experience handling security infrastructure.
- Moderate level of knowledge of ticketing tools, preferably ServiceNow.
- Moderate level of working knowledge of ITIL processes.
- Moderate level of experience working with vendors and/or 3rd parties.

Workplace type: On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 1 month ago


4.0 - 8.0 years

0 Lacs

Haryana

On-site

You will provide tier two operational support, leading team efforts in the resolution of incidents and outages for information security technology and its dependencies on public and private cloud computing environments, shared platforms, and operating systems, for more than three of the following technologies: Malware Analysis, SIEM (Splunk), Software-defined (Cloud) Network Security, Endpoint Security Protection, and Data Loss Prevention. You will ensure the team's adherence to SOPs, provide training and performance monitoring for team members, and drive continuous process improvement for efficiency, including automation wherever applicable. You will conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff. Additionally, you will partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards. You will execute daily security technology administration functions, perform Root Cause Analysis (RCA) on applicable technology, validate the quality of dashboards and alerts, and suggest updates to reflect new threats and changes in the monitored environment. Furthermore, you will support the Security Operations team in its efforts on various technology projects and operational initiatives, working as part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats. You will follow ITIL practices regarding incident, problem, and change management, and stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements.

Required Qualifications:
- Being curious and having a desire to analyze anomalies
- Desire and passion to learn and grow in Cybersecurity
- Customer-focused demeanor
- Minimum 4-6 years of proven experience in building and operating security controls in at least two of the following domains: Network/Perimeter Security; Enterprise Endpoint Security; DLP and Secure Data Transmission, Storage, and Access; Identity and Access Management / User Behavior Analytics
- Understanding of security architecture, operating, and troubleshooting principles of Microsoft Windows and Linux operating systems
- Strong experience in SIEM management, endpoint security, security incident handling, Data Loss Prevention, threat intelligence, team management, documentation, collaboration, and continuous improvement
- Bachelor's degree in computer science or a related field, along with relevant certifications such as CISSP, CISM, or CEH
- Strong leadership skills, analytical skills, attention to detail, and the ability to work well under pressure
- Ability to effectively work in a team and as an independent contributor on select projects

Preferred Qualifications:
- Recognized Security Industry and Public Cloud IaaS certifications
- Familiarity with security industry standards and best practices
- Familiarity with ITIL; experience with incident, problem, change, and risk management

Location: This position can be based in Gurgaon.

Posted 1 month ago


5.0 - 9.0 years

4 - 7 Lacs

Hyderabad, Telangana, India

On-site

Technical Skills Required:
- Demonstrated experience with deploying and operating network security tools, including but not limited to IDS, firewalls, proxies and security gateways;
- Demonstrated experience supporting and managing Linux operating systems;
- Advanced-level knowledge of TCP/IP networking concepts and protocols, and advanced technical knowledge of network security;
- Good knowledge of key network services and technologies and the most common application protocols, such as DNS, IPsec, HTTP/HTTPS;
- Demonstrated experience conducting a threat and vulnerability management work program, including threat analysis, vulnerability scanning and remediation;
- Demonstrated ability to implement vulnerability mitigation at all levels of the OSI network model. Must be able to quantify the severity of discovered vulnerabilities and prioritize remediation efforts;
- Demonstrated experience using commercial vulnerability scanning tools. Ability to work with system and application owners to ensure remediation of discovered vulnerabilities and rectify any false positive conditions;
- Advanced knowledge of interpreted languages such as Perl, Python, PowerShell, or Bash, in addition to compiled languages such as C;
- Ability to work well under pressure and to meet tight deadlines;
- Demonstrates a high level of motivation, confidence, integrity and responsibility.

Soft Skills Expertise:
- Demonstrates excellent interpersonal skills, including the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers;
- Demonstrated ability to listen to and integrate ideas from diverse views, create partnerships and collaborate with others, advocate and influence, resolve conflicts constructively, and work effectively across boundaries even without active guidance from management;
- Excellent communication skills, both written and verbal, including the capacity to communicate complex and technical issues in simple terms;
- Analytical skills required.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

Haryana

On-site

You will be providing tier two operational support and leading team efforts in resolving incidents and outages for information security technology and its dependencies on public and private cloud computing environments, shared platforms, and operating systems, for more than three of the following technologies: Malware Analysis, SIEM (Splunk), Software-defined (Cloud) Network Security, Endpoint Security Protection, and Data Loss Prevention. Your responsibilities will include ensuring the team's adherence to SOPs, providing training and performance monitoring for team members, and focusing on continuous process improvement for efficiency, including automation wherever applicable. You will also be conducting recurring assessments of all key SOC workflows to identify process deficiencies and improvement opportunities for staff. Additionally, you will be partnering with other technology teams to handle and respond to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards. You will execute daily security technology administration functions, perform Root Cause Analysis (RCA) on applicable technology, and validate the quality of dashboards and alerts to suggest updates reflecting new threats and changes in the monitored environment. Furthermore, you will be supporting the Security Operations team in various technology projects and operational initiatives, working as part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats. You will follow ITIL practices regarding incident, problem, and change management and stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements.

Required qualifications for this role include being curious and having a desire to analyze anomalies, a passion for learning and growing in Cybersecurity, a customer-focused demeanor, and a minimum of 3 years of proven experience in building and operating security controls in at least two of the specified domains. You should also have an understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems, as well as experience in SIEM management, endpoint security, security incident handling, data loss prevention, and threat intelligence.

Preferred qualifications include recognized Security Industry and Public Cloud IaaS certifications, familiarity with security industry standards and best practices, and experience with ITIL and incident, problem, change, and risk management.

This position can be based in Chennai or Gurgaon.

Posted 1 month ago


6.0 - 9.0 years

6 - 9 Lacs

Hyderabad / Secunderabad, Telangana, India

On-site

Preferred Skill Set:
1. Deploy, configure, and maintain open-source security tools
2. Experience with scripting languages such as Python or Bash.
3. Knowledge of IT infrastructure, networking, and security principles.
4. Experience with other monitoring and logging tools.
5. Understanding of cloud environments and integrations with Splunk.

Roles and Responsibilities:
- Install, configure, and maintain Splunk environments, including indexers, search heads, forwarders, and deployment servers.
- Monitor the health and performance of Splunk components and take proactive measures to ensure high availability and reliability.
- Plan and execute upgrades and patches to the Splunk environment.
- Onboard data from various sources, including logs, metrics, and events, ensuring data integrity and proper indexing.
- Create and manage data inputs, parsing rules, and data transformations.
- Implement and maintain data retention and archiving policies.
- Develop detection rules to support our SOC's alerting and response capabilities.
- Provide expert analytic investigative support to analysts for complex security incidents.
- Review security control measures, identify gaps in the security architecture, and implement improvements or enhancements as needed.
- Deploy, configure, and maintain open-source security tools such as Snort, OSSEC, Suricata, OpenVAS, Zeek, Metasploit, and others.
- Train and mentor junior team members on the use and administration of open-source security tools.
- Collaborate with IT and development teams to integrate security tools into the overall security architecture and workflows.
- Design, implement, and manage security measures for cloud environments (e.g., AWS, Azure, Google Cloud).
- Configure and manage cloud security tools and services, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems.
- Develop and enforce DLP policies and rules to prevent data breaches and unauthorized data transfers.
- Customize DLP policies to meet the organization's specific needs and regulatory requirements.
- Conduct regular reviews and updates of DLP policies in response to evolving threats and business changes.

Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Attention to detail and a proactive approach to security issues.

Certification: Splunk Administrator, CEH, CCSP, CISSP

Posted 3 months ago


4.0 - 6.0 years

4 - 6 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Description
We are seeking a skilled SOC L2/L3 Professional to join our security operations team in India. The ideal candidate will be responsible for monitoring security incidents, conducting in-depth investigations, and implementing effective security measures to protect our organization from cyber threats.

Responsibilities
- Monitor security alerts and incidents, analyze security breaches, and respond to security incidents.
- Conduct thorough investigations of security events and provide detailed reports to management.
- Collaborate with other teams to implement security measures and enhance overall security posture.
- Maintain and update documentation related to incident response and security processes.
- Provide mentorship and training to junior SOC team members.

Skills and Qualifications
- 4-6 years of experience in a Security Operations Center (SOC) environment.
- Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, GIAC Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent.
- Able to work shifts on a rotating basis for 24/7 support of clients.
- Experience in security technologies such as: Security Information and Event Management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint Detection and Response (EDR), Anti-Virus, Sandboxing, network- and host-based firewalls, Threat Intelligence, Penetration Testing, etc.
- Knowledge of Advanced Persistent Threat (APT) tactics, techniques and procedures.
- Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
- Understanding of common network infrastructure devices such as routers and switches.
- Understanding of basic networking protocols such as TCP/IP, DNS, HTTP.
- Basic knowledge of system security architecture and security solutions.
- Relevant certifications such as CISSP, CEH, CISM, or CompTIA Security+ are preferred.

Posted 3 months ago
