새로운 것을 포용하십시오.
새로운 가능성을 만드십시오.

Job Purpose and Impact

The Consultant, Core Cyber Operations - SOC job enhances our security operations by supporting organization-wide cybersecurity threat detection and response processes. The ideal candidate will have a background in incident response, cybersecurity, security operations, and/or networking. This job is part of the team responsible for identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and facilitating compliance with legal and regulatory requirements. With limited supervision, this job supports the following functions.

Key Accountabilities

·SECURITY MONITORING: Continuously monitor security alerts and events using SIEM tools to identify potential threats. Analyze logs and network traffic to detect anomalies and suspicious activities.

·INCIDENT RESPONSE: Assist in the initial triage and investigation of security incidents. Follow established protocols to escalate incidents to senior analysts and document findings.

·LOG ANALYSIS: Perform detailed analysis of logs from various sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents.

·THREAT INTELLIGENCE: Utilize threat intelligence feeds to stay informed about emerging threats. Apply this knowledge to enhance detection capabilities and improve response strategies.

·DOCUMENTATION: Document security incidents thoroughly, including steps taken and outcomes. Create and maintain process documentation to ensure consistent and efficient security operations.

Qualifications

ESSENTIAL FUNCTIONS

·INCIDENT RESPONSE: Leads and guides incident detection, response, and recovery processes to ensure effective and efficient management of cyber incidents.

·CYBER SERVICES VISIBILITY: Oversees the design and operation to assure situational visibility for all cyber services, including foundational cyber analytics and automation.

·THIRD PARTY COMPROMISE: Fosters partnerships on third party compromise response activities to address and mitigate risks associated with external entities.

MINIMUM & TYPICAL YEARS OF WORK EXPERIENCE

·Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience.

·Understanding of cybersecurity principles, threat detection, and incident response.