Position Overview

The Senior SOC Analyst is responsible for advanced threat detection, incident response, and security monitoring within the Security Operations Center. This role involves investigating complex security incidents, mentoring junior analysts, and continuously improving security operations processes.

Key Responsibilities

Security Monitoring & Analysis
- Monitor security alerts and events from SIEM, IDS/IPS, EDR, and other security tools
- Perform advanced threat hunting and proactive security investigations
- Analyze complex security incidents and determine scope, impact, and root cause
- Correlate data from multiple sources to identify sophisticated attack patterns
- Conduct malware analysis and reverse engineering when necessary
Incident Response
- Lead incident response efforts for high-severity security events
- Contain, eradicate, and recover from security incidents
- Document incidents thoroughly and create detailed reports
- Perform post-incident reviews and develop lessons learned
- Coordinate with IT teams and stakeholders during incident response
Threat Intelligence & Detection Engineering
- Research emerging threats, vulnerabilities, and attack techniques
- Develop and tune detection rules and use cases
- Reduce false positives and improve alert quality
- Create and maintain playbooks and standard operating procedures
- Contribute to threat intelligence sharing and analysis
Leadership & Mentoring
- Mentor and train junior and mid-level SOC analysts
- Provide guidance on complex investigations and escalations
- Participate in on-call rotation if needed for surge support or incident investigation
- Contribute to SOC process improvements and automation initiatives
Reporting & Communication
- Prepare detailed technical reports and executive summaries
- Present findings to management and technical teams
- Maintain accurate documentation of procedures and investigations
- Communicate effectively with stakeholders across the organization
Required Qualifications

Experience
- 5+ years of experience in cybersecurity or a SOC environment
- 3+ years of hands-on experience with SIEM platforms, Microsoft Sentinel required
- Proven experience in incident response and threat hunting
- Experience with endpoint detection and response (EDR) tools
Technical Skills
- Deep understanding of network protocols, architecture, and security
- Proficiency in log analysis and security event correlation
- Knowledge of malware analysis techniques and tools
- Familiarity with threat frameworks (MITRE ATT&CK, Cyber Kill Chain)
- Strong understanding of Windows, Linux, and cloud environments
- Experience with scripting languages (Python, PowerShell, Bash)
- Knowledge of forensic tools and methodologies
Certifications (Preferred)
- GIAC Security Essentials (GSEC)
- GIAC Certified Incident Handler (GCIH)
- Certified Information Systems Security Professional (CISSP)
- GIAC Cyber Threat Intelligence (GCTI)
- Certified Ethical Hacker (CEH)
- Or equivalent industry certifications
Preferred Qualifications
- Experience with cloud security (AWS, Azure, GCP)
- Knowledge of SOAR platforms and security automation
- Threat intelligence platform experience
Key Competencies
- Strong analytical and problem-solving abilities
- Excellent written and verbal communication skills
- Ability to work under pressure during security incidents
- Self-motivated with strong attention to detail
- Team player with a collaborative mindset
- Continuous learning attitude toward evolving threats
Work Environment
- On-call may be required for surge support or active incidents.
- The training period requires onsite work in the office 5 days a week. A hybrid option will be available after the training period.
- Fast-paced, high-pressure environment during incidents