SOC Analyst

Ericsson
Plano, TX
Onsite

About The Position

We are now looking for a SOC analyst in our global Cyber Defense Center (CDC). We detect and respond to cyber attacks originating from external threat actors and ensure we are one step ahead of adversaries. Our aim is to identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. CDC’s focus is on sophisticated antagonistic threat actors (APTs) who can do the most harm to Ericsson as a company. Our focus is not on cyber hygiene.

The SOC provides 24/7 cyber security monitoring, triage, incident response, and detection engineering focusing on a wide range of threat actors, finding the signal in the noise and responding to the bulk of malicious activities.

The SOC collaborates with the other units in the CDC:

  • CDC Threat Intelligence, which compiles, analyzes and provides geopolitical and cyber threat intelligence to Ericsson and the CDC.
  • CDC Incident Response and Threat Hunting, which focuses on advanced persistent threats (APTs).
  • CDC AI, which ensures AI is leveraged to the fullest in automating cyber defense activities and supports security analysts, incident responders, threat hunters, etc. This unit is also specialized in incident response to AI-supported and AI-native attacks.
  • CDC Red Team, which conducts adversary simulation assignments, attacking Ericsson while impersonating APTs.
  • CDC IT, which operates CDC’s dedicated IT environments and executes IT projects to ensure CDC has outstanding security monitoring coverage and data quality, and whatever IT ability is required to respond to cyber incidents.
  • CDC Process & Governance, which manages CDC’s process universe, coordinates incident response, conducts vendor relationship management, etc.

Requirements

  • 4 plus years of experience with and expertise in triage, response and detection engineering in SOCs
  • Thorough knowledge of how to use EDR/ITDR/cloud security/SIEM/exposure management, etc. tooling (preferably CrowdStrike Falcon) to make quality judgements on false/true positives and malicious/non-malicious activity
  • General technical knowledge of a broad area of technologies such as cloud (AWS and/or GCP and/or Azure), Linux, Windows, network, identity, etc., and deep technical knowledge of at least one of these technologies
  • A good understanding of threat actor TTPs: you can recognize the markings of these in telemetry and logs, and know where to look next to validate or refute whether the activity is a true or false positive, and whether it is malicious
  • Strong ambition and drive to catch threat actors, combined with a positive can-do attitude to continuously learn and improve yourself and how we work.
  • Stress tolerant, grounded and in control even during crisis situations when you encounter live threat actors or when attack campaigns overwhelm the SOC.
  • Impeccable integrity and no urge to share confidential information to gain social status or for any other reason.
  • US citizen

Responsibilities

  • Work in a follow-the-sun SOC, triaging and responding to prioritized alerts, supported by the other teams in CDC.
  • Responsible for validating whether the alert is a true or false positive, whether it is malicious, and responding according to the response plan.
  • Responsible for documenting your analysis and conclusions.
  • Escalate to the CDC incident response and threat hunting team and support them with scoping, containment and eviction where hands-on-keyboard activity or advanced or complex threat actor activity is determined.
  • Work alongside agentic AI systems (commercial and in-house developed) which will provide guidance and automate repetitive and mundane tasks so you can focus on the analytical part of the job instead of the pivoting and data gathering part.
  • Provide ideas and concrete contributions to improve and further automate the SOC, including detection engineering, reinforcement learning, Falcon Fusion workflows and Foundry apps.
  • Spend a considerable amount of time on skills development using Immersive Labs, on-the-job training, quality review & feedback sessions, conferences and peer interaction, so you are always up to date on the threat landscape and on how to deal with threats on the technologies we have.

Benefits

  • Choice of three medical plan options
  • Dental plan option
  • Company credits towards medical and dental premiums
  • Automatic 3% company contribution to 401(k)
  • Ericsson matches $1 for every $1 you put into the 401(k) Plan on the first 3% of your eligible pay, plus 50 cents on every $1 on the next 2% of eligible pay
  • Company credits for basic life insurance and basic accidental death and dismemberment coverage
  • Company credits for short-term and long-term disability coverage
  • Option to participate in Ericsson’s Stock Purchase Plan
  • 15 days of accrued vacation
  • Up to 3 personal days per year
  • 11 annual holidays
  • 8 hours of volunteer time
  • 80 hours of sick time annually
  • Up to 16 weeks of paid maternity leave
  • 6 weeks of parental or adoption leave at 100% of pay
  • Financial wellness programs
  • Educational assistance
  • Matching gifts
  • Recognition programs