Monitor work queues for alerts of potential network threats, intrusions, and/or compromises
Assess validity and scope to determine if the alert is actionable and determine remediation steps required
Confirm accuracy of the alerting information
Identify malicious behaviors
Determine remediation actions needed
Escalate incident to proper team for response and remediation
Participate in and provide leadership to specialized guild-related activities and projects
Mentor and provide guidance to associate and cybersecurity analysts
Positions in this function are involved in the body of technologies, processes, and practices designed to protect and defend networks, computers, programs, and data from attack, damage, theft, or unauthorized access, including firewall, digital forensics, investigative services, and incident management
Generally, work is self-directed and not prescribed