Job Description

Job Purpose and Impact
The Consultant, Core Cyber Operations - SOC job enhances our security operations by supporting organization-wide cybersecurity threat detection and response processes. The ideal candidate will have a background in incident response, cybersecurity, security operations, and/or networking. This job is part of the team responsible for identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and facilitating compliance with legal and regulatory requirements. With limited supervision, this job supports the following functions.
Key Accountabilities
SECURITY MONITORING: Continuously monitor security alerts and events using SIEM tools to identify potential threats. Analyze logs and network traffic to detect anomalies and suspicious activities.
INCIDENT RESPONSE: Assist in the initial triage and investigation of security incidents. Follow established protocols to escalate incidents to senior analysts and document findings.
LOG ANALYSIS: Perform detailed analysis of logs from various sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents.
THREAT INTELLIGENCE: Utilize threat intelligence feeds to stay informed about emerging threats. Apply this knowledge to enhance detection capabilities and improve response strategies.
DOCUMENTATION: Document security incidents thoroughly, including steps taken and outcomes. Create and maintain process documentation to ensure consistent and efficient security operations.
Qualifications
ESSENTIAL FUNCTIONS
INCIDENT RESPONSE: Leads and guides incident detection, response, and recovery processes to ensure effective and efficient management of cyber incidents.
CYBER SERVICES VISIBILITY: Oversees the design and operation to assure situational visibility for all cyber services, including foundational cyber analytics and automation.
THIRD PARTY COMPROMISE: Fosters partnerships on third party compromise response activities to address and mitigate risks associated with external entities.
MINIMUM & TYPICAL YEARS OF WORK EXPERIENCE
Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience.
Understanding of cybersecurity principles, threat detection, and incident response.