• Be an initial evaluation point for all security-related tickets that come into the team's multiple queues (including triage, containment, and remediation) • Understand the basic incident response lifecycle • Excel at documentation and detailed notetaking, including SOP writing, incident reporting, email and instant messaging etiquette, and most importantly, documenting incident actions • Collect and analyze log data from complex, virtualized, multi-site computing environments and SNHU's technology ecosystem • Conduct real-time monitoring of security events from multiple sources and use analytical and problem-solving skills to identify, triage, analyze, investigate, and escalate information security events and alerts • Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s) • Perform incident response activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis • Perform investigation and escalation for complex or high severity security threats or incidents • Coordinate information security incident response according to SNHU's Information Security Incident Response Plan • Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities • Design and implement or monitor information security incident remediation plans • Design and manage security tools (e.g. Splunk, Halcyon, Microsoft Defender, Tenable) • Design, deploy, and manage detections and alerts for specific or common threat conditions • Design and implement standard operational processes for handling common incident types • Maintain automation scripts and other tools to enhance security operations efficiency • Familiarity with enterprise security tools like Splunk, Tenable, Proofpoint tools, Microsoft Defender components, Office 365 tools, PowerShell, and multiple network tools • Demonstrate a deep source of ethics, integrity, and confidentiality • Can remain calm and function at the highest level during a crisis • Remain up to date on latest threat intelligence • Develop strategies and solutions that improve or mitigate the risks associated with these threats • Work cross-functionally across ITS and all SNHU departments to provide guidance, and technical implementations to include triage, containment, and remediation when applicable • Provide customer support according to SNHU's Core Values and understand how and when to escalate potential issues • Help with risk management, vulnerability management, security assessment, auditing, and security authorization projects, as directed by the university's Information Security Management team • Provide mentoring to junior analysts • Other responsibilities as assigned