An active interest in Internet Security, incident detection, network and systems security
A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
Demonstrable experience of analysing and interpreting system, security and application logs
Knowledge of the types of events that firewalls, IDS/IPS and other security-related devices produce
Experience in using SIEM tools such as ArcSight, enVision, Splunk, NitroSecurity
TCP/IP knowledge, networking and security product experience
Knowledge of possible attack activities, such as scans, man-in-the-middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable