1) Should have hands-on experience in at least one SIEM tool such as IBM QRadar / ArcSight / IDS / IRS / AlienVault / McAfee Nitro / Gigamon / RSA enVision / Alert Logic.
2) Should have experience in Symantec Endpoint
3) Compliance Tracking (SOX, PCI, SOC, AML): Keep track of the logging status of the various systems that have to be monitored for compliance purposes.
4) Monitoring of SecMon Alerts and Offenses: Review, analyze, and report on security logs and security alerts.
5) Review, analyze, and report on security logs and security alerts from the IPS, Imperva WAF, DAM, FireEye, Aruba, Proofpoint, etc., to support the analysis of the triggered event.
6) Correlate logs and alerts into attack patterns:
o Primary: Report to and notify Security Engineers
o Secondary: Learn attack pattern recognition