Here are my professional skills:
Experienced in Network Security Monitoring and Incident Response supporting a 24x7x365 operations model.
Experience in analysis of network, host, and infrastructure event data.
Knowledge of attack vectors, threat tactics, and attacker techniques.
Ability to analyze event and system logs and correlate them with incident-response-related data as needed.
Solid understanding of incident response best practices and processes.
Understanding of Windows operating systems, Windows command line tools, and Windows Security Event logs.
A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
Solid understanding of web proxies and HTTP/HTTPS traffic inspection.
Familiarity with intrusion detection systems (e.g., Bro, Snort) and tools (e.g., tcpdump, Wireshark).
Knowledge of network-based services and client/server applications.
Experience correlating events from disparate data sources in order to find evidence of compromise.
Ability to use verbal communication skills to effectively interact with colleagues.
Experienced in effectively writing and delivering incident reports to customers in a high-pressure environment.
Work Experience As an Incident Responder:
Incident validation and prioritization: Assess potential business impact
Determine which incidents are likely to pose a risk to the enterprise and prioritize those with the highest potential for negative impact on the business.