Sr. Consultant, Core Cyber Ops

Job Purpose and Impact
The Senior Consultant, Core Cyber Operations - SOC job enhances our security operations by supporting organization-wide cybersecurity threat detection and response processes. The ideal candidate will have a background in incident response, cybersecurity, and/or security operations. This job is part of the team responsible for identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and facilitating compliance with legal and regulatory requirements. With minimal supervision, this job supports the following functions:
Key Accountabilities

• INCIDENT RESPONSE: Lead response to a wide range of cybersecurity incidents. Conduct deeper investigations, confirm incidents, and lead containment efforts based on escalations from SOC analysts. Follow established protocols and document findings.
• SECURITY MONITORING: Design, implement, and manage solutions to enhance incident response processes. Continuously monitor security alerts and events using SIEM tools to identify potential threats. Analyze logs and network traffic to detect anomalies and suspicious activities.
• LOG ANALYSIS: Perform detailed analysis of logs from various sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents.
• THREAT INTELLIGENCE: Utilize threat intelligence feeds to stay informed about emerging threats. Apply this knowledge to enhance detection capabilities and improve response strategies.
• DOCUMENTATION: Document security incidents thoroughly, including steps taken and outcomes. Create and maintain process documentation to ensure consistent and efficient security operations.
• INCIDENT RESPONSE: Leads and guides incident detection, response, and recovery processes to ensure effective and efficient management of cyber incidents.
• CYBER SERVICES VISIBILITY: Oversees the design and operation to assure situational visibility for all cyber services, including foundational cyber analytics and automation.
• THIRD PARTY COMPROMISE: Fosters partnerships on third party compromise response activities to address and mitigate risks associated with external entities.

Qualifications

• Minimum requirement of 6 years of relevant work experience. Typically reflects 8 years or more of relevant experience.
• Strong knowledge of cybersecurity principles, threat detection, and incident response.
• Proven experience in IR (Incident Response).