Responsibilities

• Oversee and participate in incident response.
• Analyzing cyber threats and networks intrusions.
• Oversee and participate advanced forensic investigations (host and network).
• Assist in the development of security policies and procedures.
• Monitor security alerts, SIEM tools, host and network IDS, system logs, and firewall logs (Unix and Windows).
• Create and maintain incident response policy and procedure updates as needed.
• Mentor Level 2 and Level 1 analysts, and serve as the escalation point for security incidents. 

Qualifications

• Ability to work in teams.
• Experience with SIEM software and IDS/IPS
• Advanced knowledge and understanding of network devices and protocols.
• Experience with Mac OS, Windows, and Unix systems.
• Experience in event log analysis and ability to recognize emerging cyber intrusions/attacks.
• Ability to work in a high pressure environment
• Experience using Splunk
• Experience with forensic tools FTK or EnCase

One of more of these skills are desired:  threat hunting, static/dynamic malware analysis, or reverse engineering. Scripting experience can be useful as well.