Knowledge, Skills and Abilities:
- Foundational Cybersecurity Knowledge - Demonstrates working knowledge of cybersecurity fundamentals, including confidentiality, integrity, and availability (CIA); access control concepts; and defense-in-depth strategies. Recognizes common attack types, tactics, and vulnerabilities, and applies this understanding to alert validation and triage.
- Networking and Operating System Fundamentals - Understands how core network protocols (TCP/IP, DNS, HTTP, etc.) and the OSI model relate to system communications. Utilizes this knowledge to identify abnormal network traffic and system behavior. Operates comfortably in multiple OS environments and interprets basic system and event logs.
- Security Tools and Technologies - Proficiently operates standard SOC monitoring tools such as SIEM, IDS/IPS, and EDR platforms. Collects, reviews, and interprets logs for indications of compromise. Uses vulnerability scanners and antivirus platforms to identify and verify potential risks.
- Cyber Defense and Detection Concepts - Applies detection methodologies to identify and validate anomalies and potential intrusions. Understands signature-based and behavioral detection models, and supports tuning or rule enhancement activities by providing relevant observations.
- Incident Response Awareness - Executes standard triage and response actions during security incidents in accordance with defined playbooks. Documents case findings accurately and escalates as appropriate based on impact and scope.
- Risk and Compliance Fundamentals - Recognizes how risk management and compliance frameworks (ISO, HIPAA, PCI DSS) apply to SOC operations. Identifies and reports deviations from policies or standards and participates in routine evidence gathering.
- Cryptography and Data Protection - Understands core encryption and key management principles, including proper handling of sensitive data. Applies privacy standards when managing logs or data that include PII, PHI, or PCI information.
- Analytical and Problem-Solving Skills - Analyzes event data to determine patterns and relationships between security alerts. Applies logical reasoning and investigative methodology to identify root causes and assist with containment or remediation.
- Communication and Documentation Skills - Produces clear, concise, and accurate documentation within ticketing and reporting systems. Communicates technical findings effectively to peers and supervisors, ensuring continuity of investigations across shifts.
- Professional and Ethical Conduct - Adheres to Avertium and client security policies, confidentiality agreements, and data handling standards. Models responsible cyber hygiene and professional integrity in all actions and communications.
- Continuous Learning and Adaptability - Pursues ongoing development through internal training, certifications, and peer mentorship. Actively incorporates feedback from senior analysts to improve analytical efficiency and technical acumen.
Certifications:
- Required (or be able to obtain): Microsoft SC200, Sentinel 1 SIREN
- Desirable: Microsoft AZ500
- Other considerations or equivalents (not all-inclusive): A+/Network+, CCT, DFE, CSA, GISF, ECSS
What We Do
Avertium is the security partner that companies turn to for end-to-end cybersecurity solutions that attack the chaos of the cybersecurity landscape with context. By fusing together human expertise and a business-first mindset with the right combination of technology and threat intelligence, Avertium delivers a more comprehensive, more programmatic approach to cybersecurity – one that drives action on the ground and influence in the boardroom. That’s why over 1,200 mid-market and enterprise-level organizations across 15 industries turn to Avertium when they want to be more efficient, more effective, and more resilient when waging today’s cyber war. Show No Weakness®
Avertium will focus its comprehensive expertise on supporting mid-to-large enterprises, making it one of the largest managed cybersecurity services companies focused on this market.
Avertium is led by Jeff Schmidt, a security industry veteran, who has previously held executive leadership roles at a variety of successful technology and security companies, including International Network Services, All Covered, BT Counterpane, SQS, and Authomate.
For more information and career opportunities, visit https://www.avertium.com/.