Job Description
The Consultant, Core Cyber Operations - SOC role plays a crucial part in enhancing our security operations by aiding in organization-wide cybersecurity threat detection and response processes. The ideal candidate for this position should possess a strong background in incident response, cybersecurity, security operations, and networking. This job entails being part of a team dedicated to identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and ensuring compliance with legal and regulatory standards. Working with minimal supervision, you will be responsible for supporting various functions including security monitoring, incident response, log analysis, threat intelligence utilization, and documentation. In the realm of security monitoring, you will be tasked with continuously monitoring security alerts and events using SIEM tools to spot potential threats. Your role will involve analyzing logs and network traffic to identify anomalies and suspicious activities. During incident response, you will contribute to the initial triage and investigation of security incidents, following predefined protocols to escalate incidents to senior analysts and documenting findings. Additionally, you will conduct detailed log analysis from diverse sources such as EDR, firewalls, IDS/IPS, and servers to identify and investigate security incidents. Leveraging threat intelligence feeds to stay updated about emerging threats, you will apply this knowledge to enhance detection capabilities and refine response strategies. One of your key responsibilities will be documenting security incidents comprehensively, including the steps taken and outcomes, while also creating and maintaining process documentation to ensure consistent and efficient security operations. In terms of qualifications, the essential functions include leading and guiding incident detection, response, and recovery processes to ensure effective management of cyber incidents. 
You will also oversee the design and operation to ensure situational visibility for all cyber services, encompassing foundational cyber analytics and automation. Building partnerships for third party compromise response activities to address and mitigate risks associated with external entities is another crucial aspect of this role. The minimum requirement for this position is 2 years of relevant work experience, with a typical expectation of 3 years or more of relevant experience. A solid understanding of cybersecurity principles, threat detection, and incident response is essential for success in this role.