**Job Purpose and Impact** The Consultant, Core Cyber Operations - SOC job enhances our security operations by supporting organization-wide cybersecurity threat detection and response processes. The ideal candidate will have a background in incident response, cybersecurity, security operations, and/or networking. This job is part of the team responsible for identifying, analyzing, and mitigating cyber threats, ensuring a robust security posture, and facilitating compliance with legal and regulatory requirements. With limited supervision, this job supports the following functions. **Key Accountabilities** · SECURITY MONITORING: Continuously monitor security alerts and events using SIEM tools to identify potential threats. Analyze logs and network traffic to detect anomalies and suspicious activities. · INCIDENT RESPONSE: Assist in the initial triage and investigation of security incidents. Follow established protocols to escalate incidents to senior analysts and document findings. · LOG ANALYSIS: Perform detailed analysis of logs from various sources (e.g., EDR, firewalls, IDS/IPS, servers) to identify and investigate security incidents. · THREAT INTELLIGENCE: Utilize threat intelligence feeds to stay informed about emerging threats. Apply this knowledge to enhance detection capabilities and improve response strategies. · DOCUMENTATION: Document security incidents thoroughly, including steps taken and outcomes. Create and maintain process documentation to ensure consistent and efficient security operations. **Qualifications** **ESSENTIAL FUNCTIONS** · INCIDENT RESPONSE: Leads and guides incident detection, response, and recovery processes to ensure effective and efficient management of cyber incidents. · CYBER SERVICES VISIBILITY: Oversees the design and operation to assure situational visibility for all cyber services, including foundational cyber analytics and automation. · THIRD PARTY COMPROMISE: Fosters partnerships on third party compromise response activities to address and mitigate risks associated with external entities. **MINIMUM & TYPICAL YEARS OF WORK EXPERIENCE** · Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience. · Understanding of cybersecurity principles, threat detection, and incident response.