Senior SOC Analyst

Brunswick Corporation, Mettawa, IL
Posted 5d ago

About The Position

Brunswick is in search of a Senior Security Operations Center (SOC) Analyst to join the Information Security Operations Team. The Senior SOC Analyst is an experienced team member responsible for monitoring, detecting, and responding to cybersecurity threats and incidents in a fast-paced environment. This role requires advanced knowledge and experience in analyzing, triaging, responding to, and resolving investigations and incidents. Using a variety of commercial and open-source tools, the senior analyst will investigate alerts, review log data, run specialized queries to analyze events quickly, and execute response actions. The ideal candidate has experience working with multiple technologies, including security orchestration, automation and response (SOAR), SIEM, endpoint devices, applications, network devices, cloud infrastructure, and threat intelligence feeds.

As a senior member of the team, the analyst will handle escalations, support less experienced team members, and manage the more challenging incidents in the queue. The senior analyst will also mentor junior employees to strengthen the team's capabilities. This role includes identifying opportunities to automate repetitive tasks so that teammates can focus on more advanced work, which improves the resiliency of the company's security posture. The senior analyst will work with diverse technologies to secure business operations.

Strong problem-solving abilities, excellent communication skills, and an understanding of emerging cybersecurity threats at scale are essential for success in this role. The senior analyst's contributions are expected to help deliver a cybersecurity program that is positioned to address, contain, and resolve complex cybersecurity incidents. This position requires dedication, persistence, follow-up, and effective time management. At Brunswick, we have passion for our work and a distinct ability to deliver.

Requirements

  • Bachelor's degree in cybersecurity, computer science, engineering, or a related field.
  • Five or more years of experience in SOC monitoring, incident response, or a related field.
  • Demonstrated technical understanding of emerging cybersecurity threats.
  • Ability to create detections aligned with the MITRE ATT&CK framework.
  • Expertise in SOAR, SIEM, threat intelligence, identity management, and endpoint detection and response (EDR) tools.
  • Strong understanding of threats, vulnerabilities, and incident response principles.
  • Excellent judgment and the ability to make quick decisions in complex situations.
  • Ability to work independently in a fast-paced environment.
  • Exceptional written and verbal communication skills across all levels of the organization.
  • Precise documentation of processes to guide troubleshooting of common issues.
  • Solid to advanced understanding required: MDR, SIEM, SOAR, network security, email security.
  • Moderate understanding required: cloud computing environment security; infrastructure (firewalls/SD-WAN, edge computing, edge proxy); identity security; server and workstation operating systems.
  • Scripting skills: PowerShell, Python.

Nice To Haves

  • Certifications in Information Security and related disciplines are a plus.

Responsibilities

  • Serve as a subject matter expert for a team of analysts dedicated to monitoring and response.
  • Respond to and investigate cybersecurity incidents, including those that occur off-hours as part of a scheduled on-call rotation.
  • Serve as a mentor and escalation point for junior SOC analysts, assisting with day-to-day SOC requirements.
  • Identify strengths and areas for improvement within the team to build skills and the shared knowledge base.
  • Stay current with cybersecurity threats, AI developments, risks, and vulnerabilities that could impact services.
  • Create detections aligned with the MITRE ATT&CK framework and recommend improvements to leadership.
  • Refine and maintain playbooks, procedures, and guidelines that align with industry best practices.
  • Maintain strong partnerships with security engineering, incident response, and IT teams to improve monitoring, workflow, and response capabilities.
  • Document and share information with team members to help improve analytical skills.
  • Support monitoring and response metrics, KPIs, and service level objectives for security events and incidents.
  • Automate repetitive tasks within the SOAR environment, using ML/AI where appropriate, to drive efficiencies and enable focus on more advanced tasks.
  • Regularly participate in and coordinate tabletop exercises to identify gaps, improve skills, and enhance communication.
  • Review reports from tabletop exercises, vulnerability assessments, and penetration tests, and drive the resulting improvements.
  • Evaluate and audit available logging to identify gaps in detection coverage.
  • Examine log source data across endpoints, databases, applications, identity management, networks, mobile devices, and cloud.
  • Recommend adjustments to security tool configurations to minimize false positives.
  • Provide recommendations for improving monitoring, logging, identity management, data protection, detection, and preventative controls.
  • Assist with forensic investigations and threat hunting activities.

Benefits

  • This position is eligible to participate in Brunswick's comprehensive and high-quality benefits offerings, including medical, dental, vision, paid vacation, 401k (up to 4% match), Health Savings Account (with company contribution), well-being program, product purchase discounts and much more.