Security Operations Center Analyst

About The Position

Requirements

• Bachelor’s degree and 4 years of relevant experience; or High School Diploma (or equivalent) and 8 years of relevant work experience in lieu of degree or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219(6).
• Position requires a valid Class E driver’s license.
• Applicant must be authorized to work for any U.S. employer, as sponsorship is not available for this position now or in the future.

Nice To Haves

• 5+ years of operational cybersecurity experience, including work in a Security Operations Center (SOC), incident response, or similar security operations role.
• Hands-on experience with core SOC technologies, including: SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel), SOAR tools for automation and orchestration, Endpoint detection and response (EDR) solutions, Network IDS/IPS technologies, and Firewall administration and enterprise log analysis.
• Experience developing and tuning detection capabilities, including writing correlation rules, alerts, and automated workflows within SIEM and SOAR environments.
• Scripting proficiency (e.g., Python, PowerShell, Bash) for automation, custom detections, data parsing, and enrichment.
• Knowledge of emerging AI-driven attack vectors, including prompt injection, adversarial machine learning techniques, data poisoning, and model extraction attacks.
• Experience deploying or tuning AI-based security capabilities, such as anomaly detection models, AI-assisted triage tools, or LLM-driven threat analysis workflows.
• Demonstrated incident response expertise, including triage, advanced threat analysis, containment, root-cause analysis, and post-incident reporting.
• Familiarity with digital forensics tools, methodologies, and evidence-handling (endpoint, network, or cloud forensics).
• Understanding of cloud security principles and monitoring within Azure, Amazon Web Services (AWS), and/or Google Cloud environments, including hybrid infrastructure.
• Strong analytical, investigative, and problem-solving skills, with the ability to communicate technical findings clearly to both technical and non-technical audiences.
• Experience in higher-education or complex enterprise environments, including research and administrative support, data-security compliance frameworks (e.g., FERPA, HIPAA, NIST 800-171), and the unique network/security challenges of university settings.
• Relevant Industry-recognized certifications such as CompTIA Security+, CySA+, CEH, GIAC Security Essentials (GSEC), or Certified SOC Analyst (CSA).

Responsibilities

• Monitor SIEM, EDR, IDS/IPS, firewalls, and other security tools for alerts and anomalies.
• Perform initial triage and validation of security alerts to identify potential incidents.
• Conduct deep analysis of events using multiple data sources (e.g., SIEM logs, endpoint telemetry, network traffic).
• Lead investigations involving advanced persistent threats (APTs), insider threats, or multi-stage attacks.
• Perform root cause analysis and develop post-incident reports with tactical and strategic recommendations.
• Create and tune detection rules and automation workflows within SIEM and SOAR platforms.
• Monitor, detect, and analyze AI-driven attack techniques (e.g., prompt injection, data poisoning, model theft, adversarial input attacks).
• Evaluate and deploy AI-based security capabilities (e.g., anomaly detection models, LLM-based analysis tools) to enhance threat visibility.

Benefits

• Benefit packages, including Medical, Dental, Vision, Life Insurance, Flexible Spending, and Employee Assistance Program
• Paid time off, including annual and sick time off and paid holidays
• Retirement savings options
• Employee discounts, including tickets to many Orlando attractions
• Education assistance