Cybersecurity SOC Analyst

About The Position

Requirements

• 1-2 years experience in cybersecurity operations, incident response, security monitoring, IT operations, networking, or a related enterprise technology environment.
• Ability to support a 24x7x365 operating model, including day, evening, weekend, or holiday shifts as assigned.
• Foundational knowledge of network protocols, operating systems, enterprise architecture, and common log sources used in security investigations.
• Basic understanding of incident response processes, alert triage, threat indicators, and cyber security attack techniques.
• Ability to prioritize work, follow documented procedures, and make sound decisions in a fast-paced operational environment.
• Self-motivated, Detail-oriented, and able to collaborate effectively as part of a cross-functional team in a fast-paced, high-impact operational environment.
• Strong critical thinking skills, strong puzzle-solving ability and an investigative mindset to analyze complex activity, connect related indicators, and identify potential security incidents.
• Bachelor’s degree in cyber security, information technology, computer science, or a related field preferred; equivalent practical experience may be considered.
• Must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered.

Nice To Haves

• Industry certifications such as CompTIA Security+, CySA+, CEH, GCIH, or similar foundational cyber security certifications.
• Experience with scripting or programming languages to support automation, analysis, or incident response activities.
• Direct experience with security technologies such as SIEM/SOAR, EDR, IDS/IPS, email security, firewalls, proxy tools, or case management platforms is preferred.

Responsibilities

• Monitor and triage security alerts and events generated by enterprise security tools, escalating validated or high-risk activity in accordance with established playbooks and service level targets.
• Perform initial investigation of suspicious activity across endpoint, network, identity, email, cloud, application, and system log sources.
• Analyze and investigate data in the SIEM/SOAR that originated from EDR, firewall, proxy, intrusion detection/prevention, email security, and other monitoring platforms to determine severity, impact, and required response actions.
• Document investigations, findings, actions taken, and escalation details in the case management system with clear, complete, and timely notes.
• Follow shift handoff procedures and communicate open issues, emerging threats, and significant events to team members and incident handlers.
• Contribute to continuous improvement by identifying recurring false positives, process gaps, and opportunities to improve alert quality, runbooks, and analyst efficiency.

Benefits

• This position is not eligible for an annual incentive opportunity and is also not eligible to earn commissions.