Senior Consultant, Core Cyber Ops

Responsibilities:

Incident Response:

• Lead the response to a wide range of cybersecurity incidents. Conduct in-depth investigations, validate incidents, and drive containment efforts based on escalations from SOC analysts. 
• Follow established protocols and document findings thoroughly.

Security Monitoring:

• Design, implement, and manage solutions to enhance incident response processes. Continuously monitor security alerts and events using SIEM tools to identify potential threats. 
• Analyze logs and network traffic to detect anomalies and suspicious activities.

Log Analysis:

• Perform detailed analysis of logs from multiple sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents.

Threat Intelligence:

• Leverage threat intelligence feeds to stay informed about emerging threats. 
• Apply insights to improve detection capabilities and strengthen response strategies.

Documentation:

• Document security incidents comprehensively, including actions taken and outcomes. 
• Develop and maintain process documentation to ensure consistent and efficient security operations.

Incident Response Leadership:

• Lead and guide incident detection, response, and recovery processes to ensure effective and efficient management of cybersecurity incidents.

Cyber Services Visibility:

• Oversee the design and operation of systems that provide situational visibility across all cyber services, including foundational analytics and automation.

Third-Party Compromise Management:

• Build and maintain partnerships to address and mitigate risks associated with third-party compromises.

Requirements:

• Minimum of 6 years of relevant work experience (typically 8+ years preferred).
• Strong knowledge of cybersecurity principles, threat detection, and incident response.
• Proven experience in Incident Response (IR).