- Certified Professionals
Sample Job Descriptions
SANS GIAC knows that finding the right candidate is difficult and time consuming for recruiters and HR professionals. Job descriptions are the first thing many professionals seeking a job in cyber security will encounter. The job description has to be thorough yet wide ranging enough to lure enough qualified candidates for a successful interview pool.
We reached out to leading, managing information security professionals and procured job descriptions that we believe will help any person seeking a cyber security professional land the right candidate.
Security Engineer - Analyst, Associate, or Senior
CERTIFICATION: GSEC, GCIH, GCIA or other industry relevant certifications
The [Analyst, Associate, or Senior] Security Engineer will focus on security intelligence, anomaly hunting and incident response. The Engineer must leverage intuition, security knowledge and broad of array of tools and advanced security techniques to uncover malicious activity.
Security Analyst - Associate or Senior Security Operations Center (SOC)
CERTIFICATION: GCIH, GCIA, GNFA or other industry relevant certifications
A Security Analyst will have proven their skills in Information Security, Information Systems, Packet Analysis, and Data Loss Prevention.
The Security Analyst provides support for complex computer network exploitation and defense techniques to include deterring, identifying and investigating computer and network intrusions; providing incident response and remediation support; performing comprehensive computer surveillance/monitoring, identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure. The analyst will provide technical support for continuous monitoring and computer exploitation; specifically the identification of target mapping and profiling, network decoy and deception operations in support of computer intrusion defense operations. The Analyst will provide technical support for forensics services to include evidence seizure,. Further, the Analyst will research and maintain proficiency in open source and commercial computer exploitation tools, attack techniques, procedures and trends.
ICS Security Engineer / Specialist
CERTIFICATION: GICSP, GRID, GCIH, or other industry relevant certifications
An ICS Security Engineer / Specialist will have proven experience protecting industrial control systems (ICS) in critical infrastructure and key resource sectors such as electric power, oil & gas, water, chemical, and critical manufacturing.
The ICS Security Engineer / Analyst works with control system SMEs and operational staff to design, implement and support the security of ICS networked systems. This role must be familiar with security technologies such as firewall logs, IDS, endpoint security solutions, access control systems, and other related security technologies within ICS environment. Incident response and handling in an ICS environment to include investigating computer and network intrusions; remediation support; performing comprehensive computer surveillance/monitoring, identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure.