Senior SOC Analyst
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior SOC Analyst leading investigations and enhancing defenses in a fast-growing cybersecurity firm. Collaborating across teams to mitigate risks in diverse environments.
Responsibilities:
- Lead deep-dive investigations across SIEM/EDR, cloud, and network telemetry; build timelines and determine scope and impact
- Perform advanced analysis of endpoint activity, authentication/identity events, email telemetry, and network artifacts to identify attacker TTPs
- Drive case direction by forming and testing hypotheses; identify containment and remediation actions with clear rationale
- Provide clear, actionable technical updates and risk-based recommendations to technical and nontechnical audiences
- Conduct root cause analysis and contribute to post-incident reviews; ensure corrective actions and detection improvements are tracked to completion
- Develop and maintain detection content (KQL/SPL/Sigma) and associated response playbooks; validate efficacy through testing and tuning
- Perform proactive threat hunting using known IOCs, behavioral analytics, and threat intelligence; document hunt hypotheses and outcomes
- Design or request SOAR/automation improvements to reduce time-to-triage and improve consistency (enrichment, containment workflows, reporting)
- Mentor and coach SOC Analysts; provide structured feedback on investigations, ticket quality, and incident handling
- Establish and reinforce documentation standards, severity classification consistency, and investigation methodologies
- Deliver high-quality incident reports including executive summaries, technical details, and prioritized remediation recommendations (as assigned)
Requirements:
- 3–6+ years of experience in security operations, incident response, threat detection, or threat analysis
- Demonstrated experience leading complex investigations and coordinating incident response across technical teams
- Strong proficiency with SIEM and EDR platforms; experience writing detection logic and running advanced queries (KQL/SPL/Sigma)
- Strong knowledge of adversary behaviors and frameworks (MITRE ATT&CK) and incident handling practices (NIST concepts)
- Experience with cloud and identity security telemetry (Microsoft 365, Azure/AWS, Entra ID/Azure AD) and modern endpoint telemetry
- Excellent written and verbal communication skills; ability to brief technical and non-technical stakeholders
- Relevant certifications (one or more): CySA+, GCIH, GCIA, ECIH (or equivalent)
- Bachelor’s degree in a related field or equivalent practical experience.
Benefits:
- Employer-paid Health and Dental Insurance for CA employees
- 401k with employer matching
- Opportunities for professional development, including certifications and ongoing training
- Vacation and PTO
Similar Jobs
Senior Director Analyst – Security Operations, Threat Detection, Response and Automation
Security Operations Analyst focused on security operations research and client engagement. Supporting Gartner clients with expertise in threat detection, incident response, and automation.
Security Operations Engineer
Security Operations Engineer role at FICO focusing on cyber protection and automation development. Involved in incident response and security operations for a leading analytics company.
Regional SOC Analyst
As a Regional SOC Analyst, you'll shape the security architecture at Kelvion and enhance cyber security in an international environment.
Development Security Operations Engineer, Healthcare Consulting
Development Operations Engineer for Sellers Dorsey designing automated systems and tools in healthcare consulting. Bridging software development and security engineering operations to optimize delivery systems.
SOC Team Lead
SOC Team Lead managing a Security Operations Center team and guiding customer onboarding processes. Providing leadership and ensuring delivery of cybersecurity operations for clients.
Security Operations Intern, Summer 2026
Security Operations Intern role supporting security program development and documentation for a technology company. Collaborating with Security leadership to gain practical experience in governance, risk, and compliance.
Cybersecurity Incident Response Analyst
Cybersecurity Incident Response Analyst at Hitachi protecting renewable energy systems from cybersecurity threats. Collaborating with global teams for incident response and security monitoring.
Senior Cybersecurity Engineer, CSOC
Senior Cybersecurity Engineer managing security operations within Starbucks' Cybersecurity Operations Center. Detecting, assessing and responding to cybersecurity incidents to ensure protection against threats.
Senior Director, Security Operations Center
Senior Director leading global Security Operations Center at CFA Institute. Setting strategic vision and managing high-performing teams for security operations.
Cybersecurity Operations Intern
Entry-level Cybersecurity Operations Intern at AMERICAN SYSTEMS performing day-to-day operations of security solutions. Involves resolving security incidents and collaborating with a small team.
Cyber Operations Intern
IT Security Analyst intern performing day-to-day security operations at AMERICAN SYSTEMS. Identifying and resolving security incidents while maintaining security tools and processes.
Security Operations
Security Operations position overseeing compliance and security frameworks at DeepJudge. Collaborating with clients to ensure enterprise-level security and privacy practices.
Cyber Security Operations Center (CSOC) Analyst – Tier 3
Cyber Security Operations Center Analyst in athenahealth focusing on incident response, threat hunting, and cross-functional coordination. Requires a bachelor's degree and extensive cyber security experience.
Security Operations Engineer II
Security Operations Engineer II optimizing systems and responding to security threats in cybersecurity. Monitoring, detecting, and analyzing, while enhancing infrastructure security from real-world threats.
SOC Analyst I
SOC Analyst I for Sentinel Blue monitoring security operations and handling potential incidents in cybersecurity. Engaging in real-time threat analysis and response with opportunities for growth.
Senior SOC Analyst, Microsoft Stack Focus
Cyber Defender (Senior SOC Analyst) at Ontinue focusing on detection and response in security operations. Collaborating with teams to enhance managed security services using Microsoft tools.
Cyber Operations Advisor
Cyber Operations Advisor leading client business reviews and technical remediation at Optiv. Managing multiple cybersecurity engagements and strategic initiatives for client satisfaction.
IT Intern – Cybersecurity Operations, Forensics & Incident Response
Cybersecurity Operations Intern at Ascension Technologies focusing on incident response and detection engineering. Develop technical skills through real-world IT experience within a large IT service environment.
IT Intern – Cybersecurity Operations, Cyber Threat Intelligence
Cybersecurity Operations Intern at Ascension Technologies conducting threat research and intelligence production tasks. Engaging in real-life projects and collaborating with IT Infrastructure and Security teams.
Senior Cybersecurity Incident Response Analyst
Cybersecurity Incident Response Analyst supporting secure operations of IQVIA's global IT infrastructure. Collaborating across departments to respond to security events and strengthen safeguards.