SOC Analyst I

AMERICAN SYSTEMSMonterey, CA
$39 - $40Onsite

About The Position

As the SOC Analyst I, you will provide tier I cybersecurity support in a SOC environment by tracking and reporting cyber security threats, events, and incidents. You will be expected to perform threat analysis and investigate security incidents. In the event of an incident, you will identify the source of the incident, determine the scope of the incident, and assess the impact of the incident. You will be responsible for providing initial response and containment measures, as well as escalating incidents to higher tiers if necessary. You will report to the Incident Handler Principle and work closely with other Tier I and Tier II personnel to effectively and efficiently provide optimum service to our customers. Additionally, in this position you will: Use intrusion detection technologies to apply techniques for identifying host and network-based Create, update, and resolve incident tickets that have been tasked to Tier I and appropriately document all alerts and incidents in the ticketing Create new incident tickets for alerts that signal an incident requiring escalation for Tier 2 review. Identify, capture, contain, and report malware to protect networks (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Recognize and categorize types of vulnerabilities and associated Utilize the SOC standard operating procedures (SOP) to perform daily tasks, resolve incidents and preserve evidence integrity. May provide input for and assist with updating procedures. Perform damage assessments, secure network communications, and use security event correlation Utilize the SOC checklist when reviewing the latest alerts and events from various SOC sensors to determine relevancy and urgency. Review open source and other sources of information to identify events that should be transitioned into the incident response process. Under supervision, may manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats and vulnerabilities. May assist with the design of incident response for cloud service models.

Requirements

  • Must be a U.S. Citizen.
  • Must hold an active DOW Interim Secret or Secret Clearance.
  • Must hold at least one certification as required by Dept. of War (DoW) 8570.01-M and Department of War Directive 8140.01, IAT Level II or Higher OR have the ability to obtain within 6 months of hire.
  • Must hold at least one of the following certifications or have the ability to obtain within 6 months of hire: CompTIA CySA+, EC-Council CEH, GIAC GCIA, Microsoft AZ 900, Palo Alto Networks PCCET, or Splunk Core Certified Advanced Power User.
  • Must have a minimum of one (1) year of professional experience in networking, UNIX/Linux system administration, software engineering, or software development.
  • Will accept a bachelor’s degree in computer science, engineering, information technology, cybersecurity, or related field in place of the 1 year of experience.
  • Knowledge of or experience with computer networking concepts, OSI model, and network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services, and network security.
  • Knowledge of or experience with host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of or experience with network traffic analysis methods and packet-level analysis.
  • Knowledge of or experience with cyber threats and vulnerabilities; cyber-attack stages, classes of attacks and attackers; cyber defense and information security policies, procedures, and controls.
  • Knowledge of or experience with incident response and handling methodologies, incident categories, and timelines.
  • Knowledge of or experience with intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • Knowledge of or experience with malware analysis concepts and methodologies.
  • Knowledge of or experience with system administration, network, and operating system hardening techniques as well as data backup and recovery.
  • Proficient in at least one programming language.
  • Working understanding of computer forensic techniques and methodologies.

Responsibilities

  • Provide tier I cybersecurity support in a SOC environment by tracking and reporting cyber security threats, events, and incidents.
  • Perform threat analysis and investigate security incidents.
  • Identify the source, scope, and impact of security incidents.
  • Provide initial response and containment measures for security incidents.
  • Escalate incidents to higher tiers if necessary.
  • Use intrusion detection technologies to identify host and network-based threats.
  • Create, update, and resolve incident tickets, documenting all alerts and incidents.
  • Create new incident tickets for alerts requiring escalation to Tier 2.
  • Identify, capture, contain, and report malware.
  • Recognize and categorize types of vulnerabilities.
  • Utilize SOC standard operating procedures (SOP) to perform daily tasks and resolve incidents.
  • Perform damage assessments and secure network communications.
  • Use security event correlation.
  • Utilize the SOC checklist to determine relevancy and urgency of alerts and events.
  • Review open source information to identify events for the incident response process.
  • Under supervision, manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.).
  • Assist with the design of incident response for cloud service models.

Benefits

  • Healthcare benefits
  • Paid leave
  • Retirement plans
  • Insurance programs
  • Education and training assistance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service