Cybersecurity Management
Cyber Defense/Breach Response (a bit broader term: Security Operations)
Cybersecurity Posture Management (former: Reconnaissance/Analysis/Planning)
Cyber Protection/Security Engineering
Just a reminder that team members have to rotate through all these roles except management (until they get there).
Approach, Terms, Formalizations, Procedures, Team|Roles, Cooperation within cybersecurity team
Breach: response preparation, detection, response
Obviously, this section includes Detection Engineering, aka threat hunting. Detection should be set up as per MITRE "TTP-Based Hunting" [1]. MITRE offers free training on that exact topic through the MITRE MAD hunting course on Cybrary [2].
BRSE-compliant detection is "disruption-oriented", meaning that, aside from alerting about a specific TTP in action, it leads the security analyst as close as possible to the malicious processes to be disrupted.
.. or a Reconnaissance/Analysis/Planning (RAP)
Relevant breach types and TTPs, IT Discovery, modeling, threat management, vulnerability management.
Detection Engineering and Threat Hunting.
Some might just call it threat management; however, I don't believe that is the appropriate wording, although there is a clear overlap.
Cooperation with IT: patching, hardening. Design, deployment, operation and maintenance of security solutions and tools. IT approach and architecture: Blue/Green, Data/Code split, IaC