Position Overview
Manages security operations tasks independently and contributes to the design and implementation of security controls.

Job Description

Your Team & Role:

As a Senior Security Operations Center (SOC) Analyst, you'll take the lead on investigating and mitigating security incidents across the organization. You'll dig into digital evidence, guide teammates through complex problems, and help strengthen our overall detection and response capabilities. In this role, you'll handle hands-on technical work like forensics and incident analysis, while also supporting the team by sharing knowledge, improving processes, and helping shape how we respond to threats. A component of this role will be focused around DLP and insider risk initiatives, which include incident analysis and process building in this space

Key Responsibilities:

• Incident Analysis & Handling: Triage alerts, investigate suspicious activity, lead incident response steps, and coordinate containment and recovery efforts.
• Data Collection & Normalization: Make sure logs and security data are gathered correctly, cleaned up, and organized so the team can analyze them effectively.
• Digital Forensics: Examine systems, files, logs, and network data to understand what happened during security events.
• Mentoring & Training: Help newer analysts grow by sharing your experience, offering guidance, and running training sessions when needed.
• Technical / Process Guidance: Assist team members with technical questions, tool usage, investigation methods, and established response workflows.
• Shift Leadership: Act as the point person during your shift: manage workload, oversee investigations, ensure smooth handoffs, and support teammates. Participate in a rotating on-call schedule as required.
• Innovation: Look for opportunities to improve processes, recommend new tools or automations, and help refine how the team operates.

Here is What You Can Expect on a Typical Day:

• Reviewing alerts and logs to identify potential threats or unusual activity.
• Leading or assisting with active investigations and driving them toward containment and resolution.
• Running forensic analysis on hosts, cloud workloads, or network artifacts to uncover root causes and timelines.
• Collaborating with IT, cloud, engineering, or other security teams to gather data or take action on investigations.
• Sharing insights with teammates, helping them troubleshoot difficult cases, or walking them through an investigation technique.
• Updating documentation, writing reports, or summarizing incident findings.
• Teaching something new to the team-maybe a tool trick, a technique, or a better approach to analysis.
• Handling shift responsibilities like queue management, monitoring ongoing investigations, and tracking priorities.
• Identifying process gaps or tools that could be improved and proposing better ways to do things.
• Perform other tasks required by management as needed

Qualifications:

• Bachelor of Computer Science, Engineering, Information Security, Information Technology, or 4+ years of equivalent experience.
• 3+ years of enterprise level incident handling
• Ability to partner with enterprise teams within a cybersecurity context, leveraging diverse ideas, experiences, thoughts, and perspectives to improve the organization.

• Effective oral and written communication skills with experience in cybersecurity technical process documentation.
• Demonstrated cyber defense and information security passion, including commitment to maintaining technical proficiency
• Proven record of thought leadership via innovation and non-traditional solutions
• Fundamental understanding of IT Security practices/programs/tooling, with demonstrated examples of driving initiatives forwards.

Preferred qualifications:

• Advanced cybersecurity certifications (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GCFA, GPEN, OSCP, etc.)
• Cloud (AWS, Azure, GCP, etc.) certifications
• Proficiency in scripting and high-level programming languages (Python, PowerShell, bash, etc.)
• Functional knowledge of SIEM, SOAR, malware sandboxing solutions and related tools

Please note at this time we are unable to proceed with candidates who require visa sponsorship now or in the future.

Location and Workplace Flexibility

Zelis is headquartered in the U.S., with multiple locations across the country and in Hyderabad, India. Check out our locations to learn more about our offices. All employee work locations are based on the needs of the position and are determined by the Leadership team. In-office work and activities vary based on work and team objectives in accordance with Company policies.

While location expectations vary by role, candidates within approximately 50 miles of a U.S. office are generally preferred to support collaboration when needed. Our hybrid approach is flexible, and in-office presence is guided by team and business needs rather than a fixed weekly schedule.

Base Salary Range
$105,000.00 - $133,000.00

At Zelis we are committed to providing fair and equitable compensation packages. The base salary range allows us to make an offer that considers multiple individualized factors, including experience, education, qualifications, as well as job-related and industry-related knowledge and skills, etc. Base pay is just one part of our Total Rewards package, which may also include discretionary bonus plans, commissions, or other incentives depending on the role.

Zelis' full-time associates are eligible for a highly competitive benefits package as well, which demonstrates our commitment to our employees' health, well-being, and financial protection. The US-based benefits include a 401k plan with employer match, flexible paid time off, holidays, parental leaves, life and disability insurance, and health benefits including medical, dental, vision, and prescription drug coverage.

Disclaimer

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities, duties, and skills from time to time.