About The Position

The SOC Analyst serves as a critical member of the Security Operations Center (SOC), responsible for monitoring, investigating, responding to, and mitigating cybersecurity threats across the enterprise. Depending on experience and skill level, the analyst may perform Tier 1 alert monitoring and triage, Tier 2 incident investigation and response, and Tier 3 advanced threat hunting, detection engineering, and cyber defense leadership activities.

The analyst monitors and analyzes security events generated by a variety of security technologies, including Security Information and Event Management (SIEM) platforms, Endpoint Detection and Response (EDR) solutions, network security monitoring tools, cloud security platforms, email security systems, identity management systems, and threat intelligence feeds. Responsibilities include identifying suspicious activity, validating potential threats, investigating security incidents, determining scope and impact, and coordinating response efforts.

The SOC Analyst conducts investigations across endpoints, networks, cloud environments, and identity platforms to identify indicators of compromise, malicious activity, policy violations, and emerging threats. The position supports incident response activities through evidence collection, log analysis, threat intelligence correlation, malware triage, forensic review, and root cause analysis. More experienced analysts may lead complex investigations involving ransomware, advanced persistent threats (APTs), insider threats, cloud compromises, and sophisticated attack campaigns. Senior-level analysts also contribute to detection engineering initiatives by developing and refining detection logic, improving alert fidelity, creating use cases, enhancing SOC processes, and mentoring junior analysts.

The role requires strong analytical skills, attention to detail, effective communication, and the ability to make informed decisions in a fast-paced operational environment. Analysts are expected to stay current with evolving cyber threats, attacker tactics, techniques, and procedures (TTPs), and emerging security technologies.

Requirements

  • Strong understanding of cybersecurity principles, security operations, and incident response methodologies.
  • Knowledge of networking concepts including TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, and network protocols.
  • Experience with Windows, Linux, Active Directory, cloud environments, and identity management systems.
  • Experience using SIEM platforms, EDR solutions, threat intelligence platforms, and security monitoring tools.
  • Knowledge of common attack techniques, malware behavior, phishing campaigns, credential theft, ransomware, insider threats, and cloud-based attacks.
  • Understanding of threat detection methodologies, threat hunting, and incident management processes.
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat intelligence frameworks.
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent written and verbal communication skills with the ability to clearly document investigations and present findings.
  • Ability to work effectively in a 24x7 operational environment and manage multiple investigations simultaneously.
  • Demonstrated commitment to continuous learning and professional development.

Nice To Haves

  • CompTIA Security+
  • CompTIA CySA+
  • CompTIA CASP+
  • SSCP
  • GSEC
  • GCIA
  • GCIH
  • GCED
  • CISSP
  • GCFA
  • GREM
  • GCTI
  • Equivalent cybersecurity certifications and relevant experience will also be considered.

Responsibilities

  • Monitor, triage, investigate, and respond to security alerts and events.
  • Analyze security data from SIEM, EDR, network, cloud, email, and identity security platforms.
  • Identify indicators of compromise, suspicious activity, and potential security incidents.
  • Perform incident investigation, containment, eradication, and recovery activities as appropriate.
  • Correlate threat intelligence, log data, and security telemetry to determine incident scope and impact.
  • Conduct threat hunting activities to proactively identify malicious activity.
  • Perform malware analysis, forensic review, and digital evidence collection.
  • Document investigations, findings, and response actions in accordance with established procedures.
  • Escalate incidents when necessary and provide technical guidance during investigations.
  • Develop and improve detection content, alerting rules, and security monitoring capabilities.
  • Support continuous improvement initiatives for SOC operations and incident response processes.
  • Collaborate with security engineers, incident responders, system administrators, and business stakeholders during security events.
  • Mentor junior analysts and contribute to team knowledge sharing and development.
© 2026 Teal Labs, Inc