.Purpose Statement: The Security Operations Analyst uses advanced network and host-based tools to search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions. The Security Operations Analyst is responsible for day-to-day security threat monitoring, analysis, and response. Responsible for managing security incidents and reviewing security alerts, known or suspected security threats, as part of the incident response lifecycle. The Security Operations Analyst is focused on adhering to threat intelligence gathering and integration, forensics, incident response, & vulnerability management best practices.Key Job Accountabilities:- Conduct operational monitoring and investigate incidents using SIEM and UEBA technologies, packet captures, reports, data visualization, and pattern analysis. Perform real-time alert monitoring and risk mitigation.- Serve as an escalation point for other analysts during the course of advanced incident investigation and provide Incident Response (IR) support when analysis confirms actionable incident.- Use logs & forensic data to develop timeline for an incident to understand what happened in detail.- Investigate, document, and report on information security issues and emerging trends.- Provide intermediate-level event analysis, incident detection, and guidance on response action plans for events and incidents. Support the analysis of the results of a wide range of threat detection and incident response platforms.- Leverage threat intelligence (to include Open-Source Intelligence (OSINT)) to identify and search for new malicious Indicators of Compromise (IOCs).- Leverage security tool stack to implement new or enhanced threat detection logic, signatures, and/or IOCs.- Leverage variety of security tools and offensive security techniques to assist in the planning & executing of ethical penetration tests for the evaluation of cybersecurity risk.Additional Accountabilities:- Maintain knowledge of cybersecurity best practices and emerging technology, including frameworks and regulations & current threat trends.- Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities.- Develop and implement appropriate security operations documentation, including runbooks, playbooks, and procedures.- Creation of operational dashboards and will regularly report key performance indicators and metrics.- Collect and analyze artifacts including malicious executables, scripts, documents, and packet captures.- Exhibit strong critical thinking and problem solving skills with sound judgement.- Maintain or develop professional contacts within the various communities in support of operations.- Configuration & sustainment of data sources; fine tuning of alerts to enable operational monitoring.- Additional duties as required