* Strong background in security operations and security systems management
* Expert understanding of common SIEM architecture, principles, operations and controls
* Expert understanding of intrusion detection/prevention technologies, trends, vendors, processes and methodologies
* Expert understanding of common intrusion detection/intrusion prevention (IDS/IPS) architectures and implementations
* Expert understanding of intrusion signatures, content creation and signature characteristics, including both signature-based and anomaly-based analysis and detection
* Advanced understanding of information security principles
* Advanced understanding of security, privacy, audit and legal security standards, guidelines and principles
* Advanced understanding of application design and architecture implementation

Experience with the following products is strongly preferred:
* ArcSight ESM
* ArcSight Logger and ArcSight Connector Appliances
* Sourcefire Intrusion Prevention Products and Management
* McAfee HIPS and McAfee ePolicy Orchestrator (ePO)
* IBM Site Protector
* IBM Proventia Server or Server Protection for Windows