Security Operations Center (SOC) Tier- 3 - Full-time

MAD Security, LLC

$90K — $120K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Minimum six (6) years of experience in IT security or information technology
  • Experience in a Security Operations Center or Network Operations Center environment
  • Knowledge in incident response, forensics, and malware reverse engineering
  • Familiarity with industry security tools like Elastic and Fortinet
  • Bachelor's degree in IT, Information Security, or Computer Science preferred

Responsibilities

  • Master SOC tools and procedures for effective operation
  • Apply knowledge of SIEM and SOAR to monitor client environments
  • Administer Elastic and relevant SOC technologies
  • Triage and investigate client security events
  • Lead incident response activities and focused threat hunts
  • Collaborate with SOC experts on cybersecurity matters
  • Continuously improve SOC technology for better detection and prevention

Benefits

  • Onsite position in Huntsville, Alabama
  • Opportunity to work closely with a multi-functional team
  • No travel required for this position
  • Emphasis on professional growth and learning
  • Collaborative environment fostering knowledge sharing
Full Job Description
Security Operations Center (SOC) Tier-3 Analyst

Department: Security Operations

Reports To: Security Operations Center Technical Lead

The SOC Tier-3 Analyst is responsible for advanced security monitoring, incident response, and

threat hunting in support of our clients daily in Huntsville, Alabama. The SOC Tier-3 Analyst

should be deeply familiar with security operations technologies and disciplines including

Security Information and Event Management (SIEM), Security Orchestration, Automation, and

Response (SOAR), incident response (IR), firewall management (FW), and vulnerability

management (VM). In this position, you will analyze, triage, and investigate client security

events, lead complex incident response efforts, conduct focused threat hunt operations,

integrate AI-driven workflows into SOC operations, and continuously improve detection and

prevention capabilities while working as part of a multi-function team that includes network

engineers, cyber operations technical leads, cyber operations center managers, firewall

engineers, and compliance management consultants.

Primary Duties
• Master the technical tools and procedures used to manage and operate the SOC
• Apply a deep understanding of how SIEM and SOAR technologies function to monitor

and defend client environments
• Administer and maintain Elastic and related SOC tooling
• Analyze, triage, aggregate, escalate, and report on client security events, including

investigation of anomalous and malicious activity
• Lead problem solving and resolution during incident response events
• Plan and execute focused threat hunt operations
• Perform correlation and trend analysis of security logs, network traffic, security alerts,

events, and incidents
• Collaborate with all SOC experts to monitor, identify, and make notifications on

cybersecurity matters to provide a holistic and seamless experience for the client
• Continuously improve SOC technologies to minimize false positives and maximize

detection and prevention effectiveness
• Build, tune, and operationalize AI-assisted SOC workflows for detection, alert triage,

enrichment, and automated response
• Evaluate AI and automation tooling to improve analyst efficiency and speed to resolution

while preserving accuracy and human oversight of critical decisions
• Develop comprehensive and accurate reports and presentations for technical and

executive audiences
• Design and conduct proof-of-concept tests to replicate third-party findings and propose

solutions to resolve discovered security issues
• Communicate regularly with the team and with clients to proactively address concerns

and maintain trusted relationships

Required Qualifications
• Minimum six (6) years of experience in IT security and/or information technology
• Experience working in a Security Operations Center or Network Operations Center in an

enterprise or managed services provider (MSP/MSSP) environment
• Experience in incident response, forensics, malware reverse engineering, or incident

investigation in large-scale environments
• Experience with industry security tooling required; experience with Elastic, Fortinet,

Avanan, OpenText NDR, and Microsoft Sentinel is a plus
• Bachelor's degree in Information Technology, Information Security/Assurance, Computer

Science, or an equivalent combination of education and experience preferred; Master's

degree a plus
• Strong problem solving and critical thinking skills, with the ability to prioritize and execute

autonomously
• Ability to tune correlation rules and outcomes via SIEM and SOAR platforms and apply

emerging SOC and IR techniques to improve efficiency and effectiveness
• Familiarity with applying AI and automation in a SOC context to augment detection,

triage, and response, with sound judgment about where human oversight remains

essential
• A desire to take on roles of increasing responsibility including defining services,

managing teams, and coordinating resources
• Integrity: Ethical and respectful to clients and team
• Grit: Ability to self-motivate, self-manage, and meet deadlines when faced with

competing priorities
• Customer-centric: Understand that partnership with our clients is a "win-win" scenario
• Selfless: Understand that when one team member succeeds, we all succeed

Supervisor Responsibilities

N/A

Knowledge, Skills, and Abilities

10 Characteristics of Every Professional at MAD Security

1. Customer Service and Satisfaction First. Understanding and satisfying our customers

is the cornerstone to our success. We must do what is necessary to meet those needs.

2. Expertise is our Specialty. The very word professional implies expertise, and technical

competence is essential to our service-oriented structure. We must become an expert in

the skills and tools we use in our operations, we must perform to the best of our abilities,

and we must keep our knowledge up to date.

3. Do and Deliver More Than Expected. Professionals are expected to produce results.

We strive to complete deliverables before they are due, of higher quality than

anticipated, and under budget. Professionals exceed expectations whenever possible.

4. Deliver on What We Say and What We Can Do. Professionals deliver on promises

made. We engage our brain before speaking; before we say we can do something, we

make sure we can do it.

5. Communicate Effectively. Whether verbal or written, professionals communicate

clearly, concisely, thoroughly, and accurately.

Communicate Effectively. Whether verbal or written, professionals communicate

clearly, concisely, thoroughly, and accurately. Effective communication is ultimately our

responsibility as a professional.

6. Follow Exceptional Guiding Principles. Professionals adhere to high ethical values

and principles. We appreciate and support our co-workers, practice good manners and

proper etiquette, are honest and fair in all our dealings, and have a high ethical and

moral standard.

7. Praise Our Co-workers. Professionals are humble and generous in their praise for

others. We respect and acknowledge the talents and capabilities of our co-workers.

8. Share Knowledge. Professionals help their peers and co-workers and are respected for

doing so. Information isn't a limited resource; our minds won't be emptied by giving away

kernels of wisdom or experience. We think of knowledge as an ocean of facts and not a

stream of data. It is possible to share what we know and stay one step ahead of the

competition; professionals simply apply themselves to learn something new daily.

9. Express Gratitude. Professionals thank others in a meaningful way that most benefits

the recipient.

10. Maintain the Right Attitude. Professionals are pleasant even during trying times.

Location and Work Environment

Onsite in Huntsville, Alabama. While performing the duties of this Job Description, the employee

regularly works in an office setting.

Physical Demands

The physical demands described herein are representative of those which must be met by an

employee to perform the Primary Duties of this Job Description successfully.

Travel

Travel is not required for this position.

Other Duties

Please note this Job Description is intended to describe the general nature and level of work to

be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be

interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and

qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to

meet business and organizational needs, as necessary, with or without notice.

Similar Jobs

More Jobs at MAD Security, LLC

More Information Technology Jobs

Find similar Security Operations Center (SOC) Tier- 3 - Full-time jobs: