Roles & Responsibilities:
• Collects, analyzes, and enriches event information and performs threat or target analysis duties.
• Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network Directives, including initiating, responding to, and reporting discovered events.
• Manages and executes multi-level responses and addresses reported or detected incidents.
• Provides reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption.
• Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.
• Develops focused reporting and briefings for advanced cyber threats and activity to various teams and leaders.
• Provides correlation and trending of Program’s cyber incident activity.
• Creates TTPs and AARs and performs deep-dive investigations on complex incidents.
• Improves the service level for security operations and monitoring. Creates and maintains system documentation for security event processing.
• Authors Standard Operating Procedures (SOPs) and training documentation.
• Acts as an SME and trainer to T2 and T1 personnel as needed.