Security Operations Center (SOC) Tier-3 - Full-time

MAD Security, Huntsville, AL
Onsite

About The Position

The SOC Tier-3 Analyst is responsible for advanced security monitoring, incident response, and threat hunting in daily support of our clients from Huntsville, Alabama. The SOC Tier-3 Analyst should be deeply familiar with security operations technologies and disciplines, including Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), incident response (IR), firewall management (FW), and vulnerability management (VM). In this position, you will analyze, triage, and investigate client security events, lead complex incident response efforts, conduct focused threat hunt operations, integrate AI-driven workflows into SOC operations, and continuously improve detection and prevention capabilities while working as part of a multi-function team that includes network engineers, cyber operations technical leads, cyber operations center managers, firewall engineers, and compliance management consultants.

Requirements

  • Minimum six (6) years of experience in IT security and/or information technology
  • Experience working in a Security Operations Center or Network Operations Center in an enterprise or managed services provider (MSP/MSSP) environment
  • Experience in incident response, forensics, malware reverse engineering, or incident investigation in large-scale environments
  • Experience with industry security tooling required; experience with Elastic, Fortinet, Avanan, OpenText NDR, and Microsoft Sentinel is a plus
  • Bachelor's degree in Information Technology, Information Security/Assurance, Computer Science, or an equivalent combination of education and experience preferred; Master's degree a plus
  • Strong problem solving and critical thinking skills, with the ability to prioritize and execute autonomously
  • Ability to tune correlation rules and outcomes via SIEM and SOAR platforms and apply emerging SOC and IR techniques to improve efficiency and effectiveness
  • Familiarity with applying AI and automation in a SOC context to augment detection, triage, and response, with sound judgment about where human oversight remains essential
  • A desire to take on roles of increasing responsibility including defining services, managing teams, and coordinating resources
  • Integrity: Ethical and respectful to clients and team
  • Grit: Ability to self-motivate, self-manage, and meet deadlines when faced with competing priorities
  • Customer-centric: Understand that partnership with our clients is a “win-win” scenario
  • Selfless: Understand that when one team member succeeds, we all succeed

Nice To Haves

  • Master's degree a plus
  • Experience with Elastic, Fortinet, Avanan, OpenText NDR, and Microsoft Sentinel is a plus

Responsibilities

  • Master the technical tools and procedures used to manage and operate the SOC
  • Apply a deep understanding of how SIEM and SOAR technologies function to monitor and defend client environments
  • Administer and maintain Elastic and related SOC tooling
  • Analyze, triage, aggregate, escalate, and report on client security events, including investigation of anomalous and malicious activity
  • Lead problem solving and resolution during incident response events
  • Plan and execute focused threat hunt operations
  • Perform correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents
  • Collaborate with all SOC experts to monitor, identify, and make notifications on cybersecurity matters to provide a holistic and seamless experience for the client
  • Continuously improve SOC technologies to minimize false positives and maximize detection and prevention effectiveness
  • Build, tune, and operationalize AI-assisted SOC workflows for detection, alert triage, enrichment, and automated response
  • Evaluate AI and automation tooling to improve analyst efficiency and speed to resolution while preserving accuracy and human oversight of critical decisions
  • Develop comprehensive and accurate reports and presentations for technical and executive audiences
  • Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
  • Communicate regularly with the team and with clients to proactively address concerns and maintain trusted relationships
© 2026 Teal Labs, Inc