Description

Work Location: 7900 National Service Road Greensboro, NC 27409

Job Title: Principal Cybersecurity Analyst (L4) – Incident Response & Threat Strategy

Days are M-F 2pm to 10pm Eastern time

As a Principal Cybersecurity Analyst (L4), you will be a senior technical leader within the Global Cybersecurity Operations Center (CSOC). This role combines expert-level hands-on incident response, advanced threat hunting, and digital forensics with strategic cybersecurity leadership.

You will play a critical role in shaping CSOC strategy, working alongside the Head of CSOC to refine detection, response, and intelligence capabilities to proactively defend against emerging threats. As a recognized subject matter expert (SME), you are expected to stay ahead of cyber threat trends, attack methodologies, and adversary tactics, ensuring the CSOC is future-ready and resilient against evolving cyber threats. 

What you will do:

Strategic Threat Defense & Security Roadmap:

  • Work closely with the Head of CSOC to define and refine CSOC strategy to address emerging cybersecurity threats.
  • Continuously evaluate and enhance detection and response frameworks, aligning with business risk and threat landscape evolution.
  • Lead SOC maturity initiatives, driving automation, advanced analytics, and intelligence-driven security operations.
  • Develop KPIs and CSOC performance metrics to measure effectiveness and resilience against modern cyber threats.
  • Act as a trusted advisor to executive leadership, Enterprise IT Security (EITS) teams, and business stakeholders on cyber risk and response strategies.

Advanced Incident Response & Threat Hunting:

  • Serve as the highest-level escalation point for complex cybersecurity incidents, including nation-state APTs, ransomware, and insider threats.
  • Conduct proactive threat hunting using behavioral analytics, anomaly detection, and adversary tracking.
  • Perform deep forensic investigations into network intrusions, malware infections, and cloud-based threats.
  • Develop custom SIEM detection logic, EDR rules, and network security signatures to enhance threat visibility.
  • Correlate threat intelligence (TI), security logs, and endpoint telemetry to identify persistent threats and attack patterns.

Cyber Threat Intelligence & Emerging Threat Research:

  • Stay up to date with the latest cybersecurity news, APT activities, vulnerabilities, and exploit trends.
  • Drive threat modeling exercises to anticipate and counter evolving adversary tactics, techniques, and procedures (TTPs).
  • Lead adversary tracking initiatives, mapping threats to MITRE ATT&CK, Cyber Kill Chain, and TIBER-EU frameworks.
  • Collaborate with global threat intelligence teams to curate and integrate high-value threat intelligence into CSOC operations.
  • Evaluate new attack vectors, malware strains, and exploit techniques, ensuring defensive capabilities remain ahead of adversary innovation.

Security Engineering & SOC Enhancement:

  • Partner with cybersecurity engineers, architects, and IT teams to improve enterprise security posture.
  • Lead security automation (SOAR) initiatives, developing playbooks and automated response workflows.
  • Recommend and implement advanced detection technologies, including UEBA, deception technologies, and AI-driven threat analytics.
  • Assist in red team/blue team exercises, purple teaming engagements, and cyber resilience stress tests.

Leadership, Mentorship & Expert Advisory:

  • Act as a mentor and technical coach to CSOC analysts (L1-L3), fostering continuous skill development.
  • Design and conduct advanced training programs and tabletop exercises to prepare SOC teams for high-impact incidents.
  • Represent the CSOC in executive briefings, security conferences, and cybersecurity think tanks.
  • Assist in developing and enforcing cybersecurity policies, standards, and compliance frameworks.

In this role, you will bring:

  • Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
  • 10+ years of hands-on cybersecurity experience, with deep expertise in SOC operations, incident response, and cyber threat intelligence.
  • Demonstrated experience leading complex investigations into APTs, cybercrime operations, and enterprise-wide security incidents.

Technical Skills & Expertise

Advanced Incident Response & Forensics:

  • Expert-level proficiency in digital forensics, memory analysis, network forensics, and endpoint telemetry analysis.
  • Ability to track adversary TTPs across enterprise environments using advanced threat intelligence correlation.

Security Tools & Technologies:

  • Hands-on experience with industry-leading SIEM, EDR, IDS/IPS, forensic tools, and threat intelligence platforms.
  • Proficiency in YARA rule development, Sigma rules, and custom detection engineering.

Cyber Threat Intelligence & Adversary Tracking:

  • Expert understanding of nation-state cyber threats, APT campaigns, and cybercriminal ecosystems.
  • Strong working knowledge of MITRE ATT&CK, Diamond Model, Cyber Kill Chain, and TIBER-EU methodologies.
  • Ability to reverse engineer malware and extract indicators of compromise (IOCs) and tactics of adversaries.

Scripting & Security Automation:

  • Proficiency in Python, PowerShell, or Bash for security automation, log parsing, and threat hunting.
  • Experience building custom SOAR playbooks to automate incident response and threat containment.

Cloud & Network Security:

  • Strong understanding of cloud security monitoring (AWS, Azure, GCP) and zero-trust architecture principles.
  • Deep knowledge of network security protocols, firewall technologies, and modern identity-based threats.

Preferred Qualifications:

Advanced Certifications:

  • CISSP, GCIH, GCFA, GCFE, GNFA, OSCP, CCTHP, CTIA, or CISM.

Deep Cybersecurity Expertise in:

  • Cyber Threat Hunting & Intelligence-Driven Defense
  • Advanced Malware Analysis & Reverse Engineering
  • Security Automation & Orchestration (SOAR)
  • Network & Endpoint Forensics
  • Cloud Security & Identity Threat Detection

Leadership & Strategic Impact:

  • Experience defining SOC strategy, cyber defense roadmaps, and risk mitigation frameworks.
  • Ability to bridge technical findings with executive-level security strategy and risk management.

Education

Bachelor