The Senior SOC Analyst is an experienced cybersecurity professional responsible for handling complex and high-priority security inquiries, incidents, and service requests. Acting as a technical expert and mentor to Analysts, the Senior SOC Analyst plays a crucial role in ensuring swift and accurate resolutions, guiding technical topics, and serving as a critical escalation point.
Please note that this role is on-site, therefore working in the Morrisville Collaboration Hub 3+ times per week is required. The standard shift is 3pm-11pm EST, either Tuesday-Saturday or Sunday-Thursday.What You'll Do- Led DFIR (Digital Forensics & Incident Response) investigations, performing rapid triage, evidence preservation, root-cause analysis, and incident containment across endpoint, identity, and cloud environments.
- Directed end-to-end incident response (IR) for high-severity security events, including scoping impact, coordinating containment and eradication, and delivering clear technical and executive-level incident reporting.
- Developed and tuned threat detections using SIEM/XDR telemetry (process, network, file, and identity signals), aligning detections to MITRE ATT&CK and reducing false positives while improving time-to-detect.
- Lead IH engagements from containment through eradication and recovery planning.
- Provide technical and procedural guidance to customers during active incidents.
- Conduct root-cause analysis and determine long-term remediation steps.
- Perform deep-dive analysis of attacker TTPs, persistence mechanisms, and lateral movement.
- Review forensic artifacts from endpoints, networks, and cloud environments.
- Correlate indicators of compromise to broader attack campaigns and threat actors.
- Act as a primary point of contact for customers during incident engagements.
- Deliver technical findings and recommendations to both technical and executive stakeholders.
- Provide remediation roadmaps tailored to customer environments.
- Partner with operational MDR team analysts to transition containment into IH workflows.
- Collaborate with operational MDR Teams for intelligence gathering and validation.
- Contribute to IH playbook development and improvement.
- Provide mentorship and peer review for junior analysts.
- Share lessons learned with SOC leadership to improve service delivery.
What You'll Bring- 4-6 years of experience in SOC, Managed Detection Response, or equivalent cybersecurity role.
- Proven experience handling escalations and complex investigations.
- Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience).
- Advanced knowledge of SOC operations, incident support, and analysis techniques.
- Ability to mentor and support less experienced analysts.
- Excellent communication skills for both technical and non-technical audiences.
- High proficiency with SIEM, IDS/IPS, EDR, and related tools.
- Analytical and detail-oriented with a passion for solving problems.
- Strong mentor and team player.
- Calm and dependable under high-pressure situations.
- Ethical, professional, and dedicated to customer security.
- Ability to work on a 24/7 shifting model. The standard shift is 3pm-11pm EST, either Tuesday-Saturday or Sunday-Thursday.
Purple Perks- Fully covered medical, dental and vision - for employee and eligible dependents!
- Generous PTO and observed holidays
- 2 Paid VoluNteer Days per year
- Paid Parental Leave
- 401(k) with company-match and Flexible Spending Accounts
- Employee Stock Purchase Program
- On-site gym access at select Collaboration Hubs
- Wellness rewards
- FuN-raising opportunities as part of our giving program
- N-ablite Learning - custom learning experience as part of our investment in you
- The Way We Work - our hybrid working model based on trust and flexibility
