Developing Effective SOC Capabilities using a Knowledge-Based Approach to People, Processes, and Technology

Preventing, detecting, and responding to cybersecurity events increasingly depends on an organization's ability to match security operations needs with the correct people, process, and technology requirements. At the heart of this dependency is the robust, mature, and capable Security Operations Center (SOC). However, existing cybersecurity frameworks are limited and not designed for developing capable, effective SOCs. This is because there is no single approach to SOC development. Organizational needs are unique, and therefore the roles, services, and tools the SOC needs in order to support the organization's mission and goals must also be unique. Developing or improving a SOC is a process that must be flexible. To assist organizations in this process, the SEI has developed OSCAR, the Ontology for SOC Creation Assistance and Replication. OSCAR is a structured knowledge base developed using description logics; it organizes SOC knowledge into 5 domains and more than 80 classes. Built on interviews with SOC experts and years of institutional knowledge and experience, OSCAR provides new perspectives on SOC development and a new tool for teams to use when developing SOC capabilities.