IR & SOC Analyst
- Knowledge of web development
- Intelligence reports [tools (scanning, subdomains, use of KeyBase, good understanding of malware - kinds & types of actions, searching the Darknet), ideas, origins, good understanding of PT scanning tools, IOCs]
- Good understanding of the Practical Malware Analysis book (emphasis on the first three chapters + labs).
- Good understanding of:
  - Windows Internals [scripts, OS elements - AD, memory, files, registry, Sysmon, Domain (users, permissions, authentication methods)]
  - Basic web architecture
  - Communication (OSI, communication flow, known protocols, traffic analysis tools)
  - Rule formats - STIX, Sigma, YARA (including writing rules)
  - Defense tools - SIEM (creation of rules, alerts & ability to set one up in the cloud and analyze one's own computer), MDM, Mail Relay, EDR, WAF, FW, NAC, DLP.
  - Attack techniques (web & infrastructure attacks)
  - Python, PowerShell, Bash.
Security Auditor & Pentester
- Performing penetration tests and auditing on client, web and mobile applications and on network infrastructures.
- Examine and understand complex applications and architectures.
- Detecting and exploiting weaknesses and vulnerabilities in applications and networks.
- Working in Linux and Windows environments.
- Delivering pen-test reports followed by best practices and common mitigations.
- Performing code reviews and detecting programming flaws.
- Assessing risks to the client from findings.
- Good understanding of network communication and protocols.
- Basic understanding of security concepts.
- Prior programming knowledge - preferably Python.
- Knowledge of secure coding.
- Experience working in a Linux environment.
- Understanding of common threats and attack vectors.
- Experience in attacking machines.