Monitors, analyzes, and remediates cybersecurity events by adhering to defined operating procedures; working problem tickets and outstanding
cases; documenting analytical steps during alert research and remediation; running commands and executing scripts; and communicating with
stakeholders during event troubleshooting and research.
Supports Security Operations Center processes and procedures by responding to stakeholder questions and problems; collaborating with the team;
modifying alert logic for higher fidelity and identifying new risk detection; researching and monitoring service level functions and analyst metrics (for
example, performance, consistency, reliability); participating in focused incident remediation and incident management team initiatives; and
monitoring alerts and other application checks and balances.
Identifies advanced risks and cyberattacks by leveraging big data analytic methodologies such as data visualization tools to perform subtle event
Improves quality of analytical capabilities by remediating missing standard operating procedures and missing or failed critical cybersecurity alerts; and
drafting and reviewing new standard operating procedures for new cybersecurity alerts.
Demonstrates up-to-date expertise and applies this to the development, execution, and improvement of action plans by providing expert advice and
guidance to others in the application of information and best practices; supporting and aligning efforts to meet customer and business needs; and
building commitment for perspectives and rationales.
Provides and supports the implementation of business solutions by building relationships and partnerships with key stakeholders; identifying business
needs; determining and carrying out necessary processes and practices; monitoring progress and results; recognizing and capitalizing on
improvement opportunities; and adapting to competing demands, organizational changes, and new responsibilities.
Models compliance with company policies and procedures and supports company mission, values, and standards of ethics and integrity by
incorporating these into the development and implementation of business plans; using the Open Door Policy; and demonstrating and assisting others
with how to apply these in executing business processes and practices.
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications. Bachelor’s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or related field and 1 year's
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications. GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Information Security Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Security+ certification, Certified ArcSight Engineer, and/or SIEM platform certifications; experience in cybersecurity within the past 5 years; experience with at least two of the following technologies: SIEM, IDS/IPS, firewall, antivirus, web proxies, authentication, cryptography, Unix/Windows server administration, and/or network administration