Security Operations Center Senior Analyst

Tasks

• Automate enrichment triage and response using SOAR
• Conduct quality reviews of case handling
• Create after-action reports and lessons learned
• Deliver containment and remediation guidance
• Develop and optimize prompt templates for SOC use cases
• Develop and tune detection content
• Evaluate accuracy of AI outputs
• Identify automation opportunities to reduce MTTR
• Identify detection gaps
• Implement QA steps for AI results
• Integrate enrichment sources threat intelligence and AI analysis
• Lead high-severity incident investigations
• Lead technical briefings and workshops
• Maintain runbooks and knowledge bases
• Mentor junior analysts on investigations
• Perform incident root cause analysis
• Produce incident summaries and executive reporting
• Propose monitoring and detection process improvements
• Provide technical liaison during escalated incidents
• Recommend new threat hunts based on TTPs and telemetry gaps
• Reconstruct incident timelines using MITRE ATT&CK
• Support hypothesis driven threat hunting
• Translate hunt findings into new detections and instrumentation
• Use AI tools for case triage and investigation
• Validate automation logic before rollout
• Validate detections against production telemetry

Perks/Benefits

• Flexible schedule
• Mentorship
• Training and development

Skills/Tech-stack

AI-assisted analysis | Automation | Cause analysis | Detection engineering | EDR | Elastic Stack | Enrichment Automation | Incident Response | KQL | Kubernetes | LLM | Log Analysis | MITRE ATT&CK | MTTR reduction | Machine Learning | Prompt engineering | Root Cause Analysis | Root cause | SIEM | SOAR | Scripting | Sigma | Sigma rules | Splunk | Telemetry Analysis | Threat Intelligence | Threat hunting | XDR