Job DescriptionWho are we looking for?The Senior SOC Analyst is a hands-on incident response specialist responsible for leading complex security investigations, driving effective containment, and uplifting the capability of the SOC through mentoring, detection improvement, and operational leadership.
This role acts as a technical escalation point within the SOC and plays a key role in shaping how Microsoft Sentinel and Defender XDR are used across the organization.
Responsibilities:
Incident Response & Investigation (Primary)
- Lead and coordinate investigation of high-severity and complex security incidents
- Establish incident scope, impact, and likely root cause using Microsoft Sentinel and Defender XDR
- Direct containment and response actions in partnership with IT and infrastructure teams
- Ensure incidents are fully documented, evidence is preserved, and outcomes are defensible
- Support post-incident reviews and drive practical lessons learned
Detection Engineering & Threat Hunting
- Develop, tune, and maintain Microsoft Sentinel analytics rules
- Perform hypothesis-driven threat hunting using Sentinel and Defender Advanced Hunting
- Improve signal quality and reduce false positives through iterative tuning
- Collaborate on internal purple-team activities (attack simulation outcomes to detection improvements)
SOC Capability Uplift
- Act as a technical mentor for junior and mid-level SOC analysts
- Review investigations and provide constructive feedback
- Help define investigation standards, playbooks, and escalation thresholds
- Promote curiosity, analytical thinking, and disciplined incident handling
Hybrid SOC & Stakeholder Engagement
- Work effectively with the MSSP to ensure high-quality alert triage and escalation
- Provide clear, timely technical guidance during active incidents
- Translate technical findings into concise, business-relevant impact statements
- Support the SOC Manager with technical insight for decision-making and prioritization
Scope Clarification
This role
does not own:
- Vulnerability remediation
- Security awareness programs
- Risk acceptance or policy ownership
This role
does provide expert input where incidents, detections, or active threats are involved
Skills and Competencies:
Required- Strong hands-on experience in security incident response within enterprise environments
- Proven expertise with Microsoft Sentinel (analytics, incidents, investigations)
- Strong understanding of Microsoft Defender XDR and identity-based attacks
- Confident investigator with the ability to form and test hypotheses
- Calm and decisive under pressure
- Clear communicator - able to brief both technical and non-technical stakeholders
Desirable- Experience mentoring or uplifting less experienced analysts
- Exposure to breach and attack simulation, purple teaming, or red-team collaboration
- Familiarity with hybrid cloud environments (AAD, Entra, M365, Azure)
Experience and Qualifications:- 5+ years in Security Operations and Incident Response roles
- Demonstrated experience leading or owning security investigations
- Experience in a large, complex, or global organisation
- Certifications (One or more desirable)
- Microsoft SC-200 (Security Operations Analyst)
- Microsoft AZ-500
- GCED / GCIA / GCIH (or equivalent)
- CISSP, CISM, or similar (beneficial, not mandatory)
- Practical experience and investigative capability are prioritized over certifications.
Benefits:
Salary Range Depending on Experiences: $87,975.00-$146,625.00
- 401K - Employees are eligible to participate on the first day of the month following 3 months of service
- Paid time off - Our PTO benefit is designed to provide eligible employees with a period of rest and relaxation, sick, and personal time throughout the year. PTO starts at 16 days per year and increases with years of service
- Holiday Pay - Holiday pay is provided for eligible employees. GHD observes 9 holidays per year. Holiday pay will be based on the regular set schedule for the employee
- Wellness Benefit- Regular full-term employees are eligible to participate in the wellness reimbursement program. GHD will reimburse 50% of the cost of the following to maximum of $250.00 reimbursement annually for such items as: Health club membership fees, Home exercise equipment purchases, Bicycles, Race, run & marathon entrance fees, Smoking cessation programs, Weight loss programs (i.e.-Weight Watchers, Jenny Craig), Fitbits and Fitness Tracking devices
