Senior SOC Analyst
Headquarters, Winston Salem, NC, United States
Inmar Intelligence
Inmar Intelligence leverages data science and technology to power reliable, dynamic solutions for brands, retailers, and healthcare organizations, including incentives and loyalty, media, returns, and healthcare solutions. The Senior Analyst acts as a technical expert, bridging gaps between operational SOC activities and strategic initiatives. This includes developing advanced detection rules, conducting threat hunts, and contributing to the continuous improvement of the SOC’s operational processes. The incumbent also collaborates with the Cyber Security Engineering team to optimize the deployment and configuration of detection platforms.
Technical Expertise (70%)
- Detection Engineering: Develop, test, and implement advanced detection rules and logic (e.g., SIEM use cases, YARA rules, Sigma rules) to identify and mitigate security threats.
- Incident Management: Lead high-priority investigations, ensuring rapid containment and remediation of incidents while maintaining detailed documentation of activities and findings.
- Threat Hunting: Perform proactive threat-hunting activities to identify advanced persistent threats (APTs), leveraging threat intelligence and behavioral analytics.
- Platform Optimization: Partner with security engineers to refine security tool configurations, ensuring maximum efficiency and reliability in threat detection and response.
- Vulnerability Assessment: Assess and report on potential vulnerabilities in systems, networks, and applications, providing actionable recommendations for risk mitigation.
Leadership & Mentorship (30%)
- Team Collaboration: Act as a mentor to junior SOC analysts, providing guidance on investigations, tool utilization, and professional growth.
- Knowledge Sharing: Develop and deliver training materials to enhance team proficiency in incident detection, response techniques, and detection engineering.
- Process Improvement: Lead the development and refinement of SOC workflows and playbooks, ensuring alignment with industry best practices and organizational goals.
Operational Excellence (20%)
- Metrics and Reporting: Generate and present detailed security reports to leadership, summarizing key findings, operational trends, and recommendations.
- Change Management: Implement changes to SOC tools and processes in alignment with established change control procedures.
- Stakeholder Engagement: Collaborate with cross-functional teams to align security efforts with business objectives and ensure seamless communication during incidents.
Required Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field, or equivalent experience and certifications.
- 5 years of experience in SOC operations, cybersecurity analysis, or a similar role.
- Demonstrated expertise in detection engineering, including the use of tools like Splunk, Elastic, or Sentinel for rule development and optimization.
- Strong understanding of security concepts, including intrusion detection/prevention, malware analysis, and threat intelligence integration.
- Experience with incident response, including containment, eradication, and recovery.
Preferred Qualifications:
- Detection Engineering: Proficiency in developing detection logic (e.g., YARA, Sigma) and utilizing platforms like Splunk or Elastic for advanced alert creation.
- Incident Response: Advanced capability to lead investigations and manage complex incidents.
- Threat Hunting: Strong ability to leverage tools and intelligence to proactively identify hidden threats.
- Cloud Security: Familiarity with securing and monitoring cloud environments (AWS, Azure, Google Cloud).
- Automation: Knowledge of automating SOC workflows using SOAR platforms and scripting languages (e.g., Python).
Individual Competencies:
- Integrity: Gains the trust of others by taking responsibility for their own actions and telling the truth. Follows through on commitments and agreements; Respects confidentiality; Maintains confidentiality regardless of pressure from others.
- Teamwork: Builds relationships and works cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually beneficial partnerships, leverage information and achieve results.
- Curious: A desire to inquire and learn, to seek new knowledge and wisdom, and to listen to the contributions of others with a genuine interest to better self, the team, and the organization.
- Analytical and Critical Thinking: Ability to tackle a problem by using a logical, systematic, sequential approach.
- Problem Solving: Gathers and analyzes information to generate and evaluate potential solutions to problems, issues and challenges while weighing the accuracy and relevance of the facts, data and information.
- Collaboration: Works collaboratively with others to achieve group goals and objectives.
The physical demands described here are representative of those that must be met by an associate to successfully perform the major job responsibilities (essential functions) of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the major job responsibilities. This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the job. Duties, responsibilities and activities may change, or new ones may be assigned at any time with or without notice.
While performing the duties of this job, the associate is:
- Regularly required to use hands to finger, handle or feel objects, tools or controls, and reach with hands or arms.
- Regularly required to talk or hear and read instructions on a computer monitor and/or printed on paper.
- Occasionally required to stand, kneel or stoop, and lift and/or move up to 10 pounds.
- Regularly required to view items at an extremely close range and must be able to adjust and readjust focus.
- Regularly required to remain in a stationary position.
We are an Equal Opportunity Employer, including disability/vets.
Perks/benefits: Team events