Cybersecurity Operations Job Description
Cybersecurity operations
provides intermediate expertise regarding the analysis of logs associated with security technologies, including Intrusion Detection and Prevention Systems, Firewalls and Log Analysis, SIEM, Network Behavior Analysis Tools, Antivirus, Network Packet Analyzers, malware analysis and forensic tools.
Cybersecurity Operations Duties & Responsibilities
To write an effective cybersecurity operations job description, begin by listing detailed duties, responsibilities and expectations. We have included cybersecurity operations job description templates that you can modify and use.
Sample responsibilities for this position include:
Provides analysis of and suggested solutions to complex cybersecurity systems’ issues, complex conceptual analysis
Provide initial configuration and troubleshooting for McAfee, ServiceNow, and Tripwire IP360 products supporting network monitoring, device detection, endpoint software inventory, configuration compliance assessments, and vulnerability detection
Provide testing, analysis, and documentation for COC maintenance releases
Serious bonus points awarded for experience implementing security solutions within a security operations or intelligence center
Delivers a partnered role in providing network and system security advance and risk analysis to business units who engage with the Information Security team
Reviewing system logs security logs to ensure that end user actions adhere to JPMC security standards
Working with global teams to drive efficiencies
Documenting team procedures and workflows
Manage the performance of the team by regular and consistent coaching, interim and annual reviews corrective action planning and follow-up
Examine network topologies and application designs to understand and identify data flows throughout the environment
Cybersecurity Operations Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cybersecurity Operations
List any licenses or certifications required by the position: CISSP, CISM, CISA, SSL, CRISC, CEH, COMPTIA, CCSP, ITIL, FIPS
Education for Cybersecurity Operations
Typically a job would require a certain level of education.
Employers hiring for the cybersecurity operations job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Systems, Technology, Engineering, Information Technology, Technical, Information Security, Computer, Computer Engineering, Education
Skills for Cybersecurity Operations
Desired skills for cybersecurity operations include:
Network security technologies
Log formats
Network monitoring
Relevant network defense and intelligence frameworks
SIEM technologies
Security operations
Analysis
Configuration control technologies
Troubleshooting
Cyber Kill Chain
Desired experience for cybersecurity operations includes:
An understanding of networks, workstation, server and database design/operational principles mapped to effective control mechanisms
Bachelor Degree or equivilant
Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information
Understanding of system and application security threats and vulnerabilities
Familiarity with Linux and Windows operating systems and at least one scripting language
Engage with lines of business to ensure collection-to-alerting infrastructure is business aligned
Cybersecurity Operations Examples
1
Cybersecurity Operations Job Description
Job Description Example
Our innovative and growing company is looking for a cybersecurity operations. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for cybersecurity operations
- Conduct on-site required IA tests and document the results of the tests
- Attend Meetings and Conference Calls
- Identify Risks as they are associated with Cybersecurity
- Act as a cybersecurity expert during software development, software integration, Information Assurance (IA), Test & Evaluation (T&E) and Validation & Verification (V&V)
- Provide expertise on the Risk Management Framework that aligns both with the MCSC Certifier standards and HQMC C4 IA Designated Accrediting Authority (DAA) requirements
- Conduct system scans using Assured Compliance Assessment Solution (ACAS) and provide mitigation or remediation of findings
- Plan and lead the deployment of security technologies to monitor appliances for security risks and compliance
- Use your winning personality to influence broader Engineering, Operations, and Technology groups in adopting security compliance controls and processes
- Develop workflows, deploy tools and conduct reviews to make sure the lines of business understand security compliance requirements
- Effectively tune platform performance and assess the overall quality of delivered security solutions
Qualifications for cybersecurity operations
- Experience developing, implementing, and executing security and controls assessment test plans
- Experience assisting with incorporating approved changes in the policy and other applicable documents
- Experience ensuring that system security requirements are addressed during all phases of the system life cycle
- Experience shepherding issues found during routine scans through a mitigation process
- Experience developing and implementing action plans to mitigate IA risks
- Experience in developing scripts to fix STIG related findings
2
Cybersecurity Operations Job Description
Job Description Example
Our company is growing rapidly and is looking for a cybersecurity operations. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for cybersecurity operations
- Evaluate & build different security frameworks for all tiers and implement scalable security solutions
- We're looking for self-starters, who can lead teams and work with stakeholders
- Works closely with enterprise IT, Delivery, and other functional area specialists to ensure adequate security solutions are engineered and deployed in across the enterprise and together with other platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
- Own user behavior analytics on behalf of the company
- Fully support the deployment and platform maturity through expansion design, capacity planning and configuration
- Remediation of system health-related alerts including on-call, overnight response, software/hardware failures and/or user-related issues
- Administrative maturity of the platform including patching and implementing security best practices
- Integration of key intelligence metrics into the platform to add value to the existing platform content
- Work with the vendor and customer (analysts) in fully utilizing the tool for an increased enterprise security posture
- Collaborate with cross-functional and/or cross-segment teams and influence the decision to incorporate IRM point of view
Qualifications for cybersecurity operations
- Able to follow Operational processes and workflows
- Familiarity with DISA ACAS tool and Vulnerability Management System (VMS) REQUIRED
- Experience with NIST SP 800-53 and the Risk Management Framework
- Experience conducting system assessments and vulnerability testing in accordance with DoD Instruction 8500.2 Information Assurance Implementation
- Experience performing Security Technical Implementation Guides (STIGs) assessments for application servers and database security technical implementation
- Experience with scanning software and following STIGs to secure software and hardware in order to secure system and reduce or eliminate security vulnerabilities
3
Cybersecurity Operations Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of cybersecurity operations. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for cybersecurity operations
- Ensure active monitoring of network and endpoint inventory
- Support data collection from McAfee epo and IP360 into a ServiceNow repository
- Work with HP internal partners, vendors, and service providers to provide documentation for regulation compliance and adherence to applicable laws, industry and regulatory requirements, HP Cybersecurity policies and standards
- Perform incident management/response across the enterprise and provide consistent security monitoring, response, follow-up investigation, and determination of root cause
- Extensive experience in security engineering and/or operations with hands on experience
- Acts as an extended part of the Incident Response team when required
- Partner with Finance & Business Management to provide direction, advice and analytics across the team to ensure key financial & staffing targets are well-understood and managed, assist in tracking real estate footprint globally and coordinating moves and additional seats required across all locations
- Oversee the operations and security assurance organization, consisting of direct reports and indirect reports (including FTE employees, contract and MSS staff, external service providers and key technology partners and vendors)
- Manage the day to day operational tasks of the RPA team
- Assist with development of new automated processes
Qualifications for cybersecurity operations
- Experience with Agile software development methodology, VMware vSphere, SCAP Compliance Checker (SCC), and Tenable Nessus
- Experience in system assessments for DoD IT systems
- Strong familiarity with DISA and DoD mandated Information Assurance practices
- Experience conducting vulnerability testing on Windows based systems
- 6+ years’ experience in the Certification and Accreditation process or equivalent technical experience with the Defense Information Assurance Certification & Accreditation Process (DIACAP) with a full understanding of the System Development Life Cycle
- At least 5 years of experience with security tools and infrastructures
4
Cybersecurity Operations Job Description
Job Description Example
Our company is growing rapidly and is looking to fill the role of cybersecurity operations. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for cybersecurity operations
- Apply knowledge of tactical to strategic level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations
- Define and implement operational process improvements to streamline the work intake and automation processes within the RPA team
- Manage and undertake core technical reviews to ensure consistent high quality and minimal rework of automated processes
- Contribute to the further development and implementation of RPA across the enterprise
- Act as key liaison between ECS and the central RPA operations team
- Information Security & Access Management (50%)
- On behalf of Global Cybersecurity, prepare and deliver regular written and verbal briefings across all levels of the enterprise as to the benefits and results of the threat modelling
- Maintain regular contact and liaison with internal partners across the enterprise to ensure a full understanding of their business processes, requirements and to respond to ad hoc requests as required
- Identify and action opportunities to improve and progress support to the business both generically and in times of a specific need
- Manage existing capability in collecting, analyzing, escalating, and responding to cyber attacks and assist in maturing overall program
Qualifications for cybersecurity operations
- At least 5 years of experience with networks and systems
- At least 5 years of experience with working in a mixed technology environments
- 1 year of experience with core infrastructure components
- 1 year experience with SOX and regulatory and statutory compliance
- Strong knowledge of information security related analytics including user behavior analytics
- 5 or more years relevant information security work experience
5
Cybersecurity Operations Job Description
Job Description Example
Our company is growing rapidly and is looking for a cybersecurity operations. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for cybersecurity operations
- Administratively ensure tools are functioning as designed to optimize delivery of threat alert data for analysis
- Lead cursory and/or in-depth analysis
- Review their requests, analysis and conclusions for delivery of additional SIEM content
- Develop and enhance an information security management framework based on the International Organization for Standardization (ISO) 27001 and National Institute of Standards and Technology (NIST) standards to integrate and normalize the wide variety and ever-changing requirements resulting from laws, standards and regulations
- Develop the metrics and reporting framework to provide status of the information security program to enterprise risk teams, senior business leaders, and the board of directors as part of a strategic enterprise risk management program
- Monitor the external threat environment for emerging threats, advising relevant stakeholders, and coordinating with external agencies, such as law enforcement and other advisory bodies, to ensure that the organization maintains a strong security posture
- Lead the Center for Cybersecurity Operations Education and provide administrative guidance in the development of the center
- Develop and enhance strategic partnerships with industry, government, and military
- Prepare and submit grant proposals related to training and workforce development
- Teach a director-level course load (2-2 or 2-1-1 workload) of cybersecurity courses and maintain faculty qualifications in the Department of Computer Science and Information Systems (including teaching, scholarship/research, and service)
Qualifications for cybersecurity operations
- 1 or more years of Linux experience
- Understanding of cybersecurity environments
- Ability to collaborate with internal and external stakeholders, communicate with high-level management
- Understanding of security threats, techniques, landscape and self-driven desire to research current information security landscape
- Prior experience working in a large matrix organization and manage change, ambiguity, and urgency
- Security Tools experience (such as Gurucul, SIEM and/or ArcSight etc)