Senior Analyst, Security Operations Center

About The Position

Requirements

• Associate's degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
• Experience managing cases/incidents
• Ability to think analytically
• Robust creativity and problem-solving skills
• Knowledge of technical systems and terminology
• Proficiency in threat management analysis and dissemination
• Proficiency in scripting languages
• Advanced written and verbal communication skills

Nice To Haves

• Bachelor's Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
• Information Security Certification, preferred:
• GSEC
• Security+
• GIAC
• Python or PowerShell scripting
• Azure Sentinel and CrowdStrike experience
• A solid understanding of networking, cyber security concepts
• Aptitude in solving problems independently
• Demonstrated problem-solving skills
• Sound decision-making ability
• Must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
• Strong analytical and time management skills

Responsibilities

• Lead incident response efforts for high-severity and complex security events, serving as the primary technical coordinator during major incidents.
• Act as escalation point for junior analysts, providing technical guidance and decision support in real time.
• Oversee daily SOC operations, including shift management, workload distribution, and quality assurance of investigations.
• Conduct post-incident reviews and facilitate lessons-learned sessions to drive continuous improvement.
• Mentor and train junior analysts to elevate team capabilities and strengthen overall SOC maturity.
• Perform advanced threat analysis, including APT detection, multi-stage attack correlation, and deep analysis of threat actor tactics, techniques, and procedures (TTPs).
• Lead proactive threat hunting initiatives across cloud, network, identity, and endpoint environments.
• Design and implement advanced detection rules, correlation logic, queries, and dashboards in SIEM and SOAR platforms.
• Develop custom automation playbooks to accelerate investigation, triage, and containment processes.
• Evaluate and recommend enhanced SOC technologies, detection techniques, and analytic capabilities.
• Lead continuous improvement initiatives for SOC processes, workflow automation, detection coverage, and operational efficiency.
• Develop SOC documentation including advanced runbooks, SOPs, and knowledge base articles.
• Contribute to SOC strategic planning, metrics, KPIs, and roadmap initiatives aligned with Security leadership.
• Support transformational projects such as AI-driven detection, automation frameworks, and maturing detection-as-code practices.
• Collaborate closely with Threat Intelligence, Engineering, IT, and Network teams to align detection and response capabilities with enterprise risk priorities.
• Monitor, triage, and analyze security alerts from SIEM, SOAR, EDR/XDR, DLP, CASB, and cloud security tools.
• Provide prescriptive remediation guidance across IT and Network operations teams.
• Document investigations, root cause analyses, and recommendations for prevention and long-term mitigation.
• Participate in a 24x7 on-call rotation, including night shifts as required, for escalated incidents.

Benefits

• We offer competitive compensation and comprehensive benefits.
• Our benefits and paid time off programs reflect our underlying belief in promoting overall wellness through physical, emotional and financial health.
• Brightspeed offers a comprehensive benefit program, including competitive medical, dental, vision, and life insurance; an employee assistance program; a 401K plan with company match and a host of voluntary benefits.