Consultant, Core Cyber Ops

Job Description

The Consultant, Core Cyber Operations - SOC job enhances our security operations by supporting organization-wide cybersecurity threat detection and response processes. The ideal candidate will have a background in incident response, cybersecurity, security operations, and/or networking. This job is part of the team responsible for identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and facilitating compliance with legal and regulatory requirements. With limited supervision, this job supports the following functions. Key Accountabilities SECURITY MONITORING: Continuously monitor security alerts and events using SIEM tools to identify potential threats. Analyze logs and network traffic to detect anomalies and suspicious activities. INCIDENT RESPONSE: Assist in the initial triage and investigation of security incidents. Follow established protocols to escalate incidents to senior analysts and document findings. LOG ANALYSIS: Perform detailed analysis of logs from various sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents. THREAT INTELLIGENCE: Utilize threat intelligence feeds to stay informed about emerging threats. Apply this knowledge to enhance detection capabilities and improve response strategies. DOCUMENTATION: Document security incidents thoroughly, including steps taken and outcomes. Create and maintain process documentation to ensure consistent and efficient security operations. Qualifications ESSENTIAL FUNCTIONS INCIDENT RESPONSE: Leads and guides incident detection, response, and recovery processes to ensure effective and efficient management of cyber incidents. CYBER SERVICES VISIBILITY: Oversees the design and operation to assure situational visibility for all cyber services, including foundational cyber analytics and automation. THIRD PARTY COMPROMISE: Fosters partnerships on third party compromise response activities to address and mitigate risks associated with external entities. MINIMUM & TYPICAL YEARS OF WORK EXPERIENCE Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience. Understanding of cybersecurity principles, threat detection, and incident response.