IT SOC & Automation Analyst

About The Position

Requirements

• Educational background in Cybersecurity, Computer Science, Information Technology, Engineering, or a related discipline, preferably with cybersecurity-focused coursework, specialization, or practical security exposure.
• Practical understanding of cybersecurity and security operations concepts including alert triage, incident response, threat detection, attack techniques, networking fundamentals, operating systems, identity security, and core security principles.
• Working knowledge of scripting, automation concepts, APIs, JSON, REST, workflow logic, or similar technologies using Python, PowerShell, or related tools.
• Exposure to security operations or security technology environments such as SIEM, EDR/XDR, SOAR, identity and access management, cloud security, threat intelligence, ticketing systems, or security analytics platforms.
• Ability to analyze logs, alerts, security data, user activity, system events, and investigation details to identify patterns, anomalies, and potential security concerns.
• Ability to break down technical problems, investigate issues logically, document observations clearly, and identify opportunities for improvement or automation.
• Strong attention to detail, structured thinking, curiosity, and willingness to work across both security operations and automation-oriented activities.
• Effective written and verbal communication skills with the ability to document findings, explain observations, and collaborate with team members and stakeholders.

Responsibilities

• Support the development, execution, testing, and maintenance of automation workflows, orchestration playbooks, and response processes.
• Execute and validate automation workflows for alert enrichment, ticket management, notification, evidence collection, escalation, and response activities.
• Identify repetitive operational tasks and opportunities for automation across security monitoring, investigation, and incident response processes.
• Assist with the integration of security technologies including SIEM, EDR/XDR, threat intelligence platforms, ticketing systems, cloud platforms, and other security tools.
• Support workflow enhancements, automation testing, playbook tuning, and process optimization initiatives.
• Monitor, triage, investigate, and document security alerts and events using established procedures, runbooks, and escalation paths.
• Support incident response activities including investigation, evidence gathering, containment coordination, remediation tracking, and documentation.
• Analyze security events, alerts, and operational data to identify opportunities for improved automation and operational efficiency.
• Collaborate with SOC analysts, security engineers, platform owners, and other stakeholders to improve detection, response, and operational processes.
• Maintain automation documentation, playbooks, runbooks, workflow diagrams, operational procedures, and knowledge articles.

Benefits

• annual discretionary bonus
• 401(k) plan with a generous match
• recognition rewards
• competitive healthcare options
• insurance
• disability benefits
• employee stock investment program
• learning resources
• career development programs
• reimbursement for certain education expenses
• paid time off (vacation / holidays / sick / leave / parental & caregiving leave / bereavement / volunteering / floating holidays)
• motivational wellbeing program
• Three weeks of PTO in your first year
• Competitive medical, dental, and vision insurance
• 85% company match on pre-tax and/or Roth contributions, up to IRS limits
• Employee Stock Investment Plan (ESIP) with discounted share purchase opportunities
• Learning Education Assistance Program (LEAP)
• Opportunity to purchase company funds with no sales charge