Security Operations Staff

Bechtel, Glendale, AZ
Remote

About The Position

As a member of an incident response team, you will defend Bechtel's network against cyberthreats, counteracting network security issues and applying computer science methodologies to perform root cause analysis to mitigate threats and vulnerabilities. In this role, you will recognize and respond to potential security issues and report incidents to supervision. You will assist with monitoring, testing, and troubleshooting hardware and software cyber security problems, applying security controls, implementing safeguards, and performing audits. By proactively addressing issues, you will contribute to the resilience and security of the organization. This role operates in a tierless SOC, where analysts are expected to own the full ticket lifecycle, from triage through investigation, containment, and resolution.

Shift Work

Must be willing to work in a 24x7x365 Security Operations Center environment, and expected to work weekends, holidays, and allow for flexible scheduling. This role may be performed remotely within the U.S. Shift times and schedules are subject to change in response to SOC priorities and coverage needs. Potentially, the work hours for this position will be overnight, 10:00 pm - 8:30 am, which qualifies for a night differential salary increase (10%).

Requirements

  • Typically requires a University Hire with 1-2 years of experience or 5-6 years of relevant work experience.
  • Must be a US Citizen.
  • Entry-level position within field.
  • Learning to use professional concepts.
  • Applies company policies & procedures to resolve routine issues.
  • Typically requires a University Hire with 2-5 years of experience or 6-9 years of relevant work experience.
  • Must be a US citizen.
  • Career development position within field.
  • Continues to learn and apply professional concepts.
  • Applies company policies & procedures to resolve mostly routine issues.

Responsibilities

  • Performs initial alert triage following SOC playbooks (EDR, SIEM, email security, web proxy, identity platforms, etc.).
  • Recognizes potential security issues, collects supporting evidence, documents findings, and escalates according to SOC procedures.
  • Assures all work processes are properly tracked in case management systems to support cybersecurity programs and audit requirements.
  • Supports monitoring and basic troubleshooting of cybersecurity tools and systems under SOC purview.
  • Assists in applying security controls and reports on their effectiveness as directed by senior analysts and SOC leadership.
  • Helps implement and monitor cybersecurity safeguards following standard operating procedures and guidance from senior team members.
  • Participates in incident response activities, including evidence gathering, log review, and incident documentation.
  • Works closely with senior analysts to develop investigation skills, understand root cause analysis, and improve technical depth.
  • Maintains situational awareness of SOC alerts and ongoing incidents, escalating any anomalies or deviations.
  • Performs advanced investigations and leads incident response activities through containment, remediation, and recovery.
  • Assists with system audits to evaluate security posture, detect vulnerabilities or misconfigurations, and recommend corrective actions.
  • Develops and maintains cybersecurity documentation, including investigation reports, SOPs, playbooks, and authorization artifacts for systems under purview.
  • Proactively hunts for indicators of compromise, anomalous patterns, or advanced threats across multiple data sources.
  • Analyzes and tunes detection logic (SIEM rules, EDR policies, alerting workflows) to reduce false positives and enhance coverage.
  • Provides mentorship and guidance to Level 1 analysts on triage quality, escalation criteria, indicators of attack/compromise, and case documentation.
  • Coordinates with security engineering teams on tool enhancements, automation improvements, and control optimizations.
  • Supports incident post-mortems and root cause analysis, producing actionable insights to improve SOC processes.

Benefits

  • comprehensive medical, dental, and vision plans, along with optional disability and supplemental insurance options
  • generous paid time off (160 hours annually, accrued 6.16 hours per pay period)
  • nine paid holidays
  • paid parental leave
  • discretionary bonuses
  • a well-designed 401K plan with matching and profit-sharing components

What This Job Offers

Job Type

Full-time

Career Level

Entry Level

Industry

Professional, Scientific, and Technical Services

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc