SOC Analyst

This role will serve as a SOC Analyst (Consultant) within the Division of Information Security (DIS), supporting statewide security monitoring, threat detection, and incident response operations. The position focuses on day‑to‑day SOC activities, working closely with DIS security teams and state agencies to identify, investigate, and respond to security events. This position is needed to ensure the state can continuously detect, investigate, and respond to security threats in a timely manner, reducing operational and cybersecurity risk across state agencies while improving the effectiveness of centralized SOC monitoring and incident response capabilities. This is a contract role with an initial 12‑month term and the potential for extension. While remote work is supported, candidates who can provide onsite support in Columbia, South Carolina when needed will be preferred. On a daily basis, the SOC Analyst will perform continuous security monitoring and incident response activities, including reviewing, correlating, and analyzing security alerts generated by centralized security platforms. The role requires a minimum of two years of hands‑on experience supporting security incident response, including validating alerts, investigating suspicious activity, determining scope and impact, and escalating confirmed incidents when required. The analyst will apply the MITRE ATT&CK Framework to analyze adversary tactics and techniques, support detection logic, and improve understanding of attacker behavior during investigations. The SOC Analyst will also be responsible for creating and maintaining dashboards and security reports used by operational teams and leadership. This includes translating security event data into clear metrics and visualizations that highlight trends, incident activity, and overall security posture. A minimum of two years of experience with dashboard creation and security reporting is required to effectively communicate findings to both technical and non‑technical stakeholders.