Security Operations Center (SOC) Analyst

World Wide Technology Healthcare Solutions•Jenks, OK

12h•Onsite

About The Position

Our Security Operations Center (SOC) is seeking a mid-level SOC Analyst to support day-to-day security monitoring, incident investigation, and response activities. This role is designed for an analyst who has moved beyond entry-level alert triage and is comfortable owning investigations, escalating appropriately, and contributing to the continuous improvement of SOC operations. You will work closely with Senior SOC Analysts, Incident Response, and Security Engineering teams to investigate security events, execute response actions, and help improve the quality and efficiency of our detection and response capabilities.

Requirements

2–4 years of experience in a SOC, security monitoring, or incident response role.
Hands-on experience investigating security alerts and incidents in enterprise environments.
Familiarity with SIEM platforms and common security telemetry (authentication, endpoint, network, cloud).
Working knowledge of common attack techniques and adversary behaviors.
Ability to document investigations clearly and follow defined SOC processes.
Strong analytical thinking and attention to detail.
Applicants must be authorized to work in the United States. We are unable to provide sponsorship for this position.

Responsibilities

Monitor and triage security alerts from SIEM, EDR, NDR, Cloud, and identity platforms.
Investigate security events end to end, including log analysis, enrichment, and context building.
Identify false positives, benign activity, and confirmed threats using evidence-based analysis.
Escalate incidents appropriately based on severity, scope, and confidence.
Assist Senior Analysts during high severity or complex incident response efforts.
Identify recurring investigation patterns that may indicate automation or enrichment opportunities.
Support threat hunting activities by assisting with hypothesis-driven and intelligence-led hunts across endpoint, identity, cloud, and network telemetry.
Analyze suspicious behaviors that fall outside standard alerting and escalate findings with supporting evidence.
Document hunt activities, assumptions, findings, and outcomes in a clear and repeatable manner.
Identify patterns or behaviors that may indicate detection gaps or monitoring weaknesses.
Participate in post-hunt reviews and contribute observations to improve future hunt methodologies.
Assist with validating and testing new detections prior to production deployment.
Review alerts for false positives and provide structured feedback to improve detection fidelity.
Analyze detection outputs to ensure alerts are actionable, context-rich, and aligned with SOC workflows.
Help identify coverage gaps by correlating investigation findings with existing detections.
Support documentation of detection logic, data sources, and investigation guidance.
Participate in active incident response activities under the guidance of Senior SOC Analysts or Incident Command.
Support containment, eradication, and recovery tasks following documented procedures.
Document investigation findings clearly and accurately in tickets, IR notes, and reports.
Contribute to post-incident reviews by identifying detection gaps or process improvements.
Work closely with Incident Response, IAM, Infrastructure, Cloud, and GRC teams during investigations.
Communicate clearly and professionally in tickets, chat channels, and incident bridges.
Actively pursue technical and operational skill growth toward senior-level expectations.
Participate in training, tabletop exercises, and mentorship opportunities.
Contribute to SOC documentation, runbooks, and knowledge base updates.