Cybersecurity SOC Analyst (Mid-Level)
Posted Today by 1761820147
Negotiable
Outside
Remote
USA
Summary: The SOC Analyst role involves identifying, analyzing, and responding to security threats within a cybersecurity operations team. The position requires hands-on technical expertise in security monitoring and incident response, with a focus on complex investigations. The analyst will work closely with security partners and contribute to the overall maturity of the Security Operations Center (SOC). This role is ideal for candidates with a solid foundation in cybersecurity operations and a desire to improve detection and response capabilities.
Key Responsibilities:
- Investigate and validate alerts escalated from security partners using SIEM, EDR, and other security tools.
- Execute containment and remediation steps for confirmed incidents and escalate to Tier 3 when deeper expertise is required.
- Correlate data across multiple sources to identify patterns and indicators of compromise (IOCs).
- Work with engineering and Tier 3 teams to fine-tune detection rules and reduce false positives.
- Document SOC workflows, procedures, and incident handling processes; build and maintain runbooks.
- Stay current on emerging threats, vulnerabilities, and security technologies; recommend improvements to detection and response capabilities.
Key Skills:
- 2+ years of experience in a SOC or cybersecurity operations role.
- Experience with Microsoft Sentinel for SIEM and Microsoft Defender for Endpoint for EDR.
- Solid understanding of TCP/IP, Windows/Linux OS internals, and common attack vectors.
- Familiarity with MITRE ATT&CK, cyber kill chain, and threat modeling.
- Strong analytical and problem-solving skills.
- Excellent written and verbal communication skills.
- Security certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.
- Experience with scripting (Python, PowerShell) for automation and analysis.
- Exposure to cloud security monitoring (Azure, AWS, Google Cloud Platform).
- Understanding of compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS).
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: Mid-Level
Industry: IT
We are seeking a skilled and motivated SOC Analyst to join our growing cybersecurity operations team. As a SOC Analyst, you will play a critical role in identifying, analyzing, and responding to security threats that have been escalated from our Managed SOC Service Provider (MSSP). This is a hands-on technical role ideal for someone with a strong foundation in security monitoring and incident response who is ready to take on more complex investigations and contribute to the maturity of our SOC.
Key Responsibilities:
Alert Triage & Validation: Investigate and validate alerts escalated from our security partners using SIEM, EDR, and other security tools.
Incident Response: Execute containment and remediation steps for confirmed incidents. Escalate to Tier 3 when deeper forensic or threat hunting expertise is required.
Threat Analysis: Correlate data across multiple sources (network, endpoint, cloud) to identify patterns and indicators of compromise (IOCs).
Detection Tuning: Work with engineering and Tier 3 teams to fine-tune detection rules and reduce false positives.
Process Development: Document SOC workflows, procedures, and incident handling processes. Build and maintain runbooks to standardize response actions and improve operational efficiency.
Continuous Improvement: Stay current on emerging threats, vulnerabilities, and security technologies. Recommend improvements to detection and response capabilities.
Required Qualifications:
2+ years of experience in a SOC or cybersecurity operations role.
Experience with Microsoft Sentinel for SIEM and Microsoft Defender for Endpoint for EDR.
Solid understanding of TCP/IP, Windows/Linux OS internals, and common attack vectors.
Familiarity with MITRE ATT&CK, cyber kill chain, and threat modeling.
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills.
Preferred Qualifications:
Security certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.
Experience with scripting (Python, PowerShell) for automation and analysis.
Exposure to cloud security monitoring (Azure, AWS, Google Cloud Platform).
Understanding of compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS).