Good know how to examine a company's security setup, including threat modeling, specifications, implementation, testing, and vulnerability assessment.
Good understanding of security issues associated with operating systems, networking, and virtualization software.