Qualifications - Minimum of 3-5 years of experience in an operational security program.
- Bachelor's in computer science, information security, or equivalent experience/certifications.
- The ability to balance security principles with business realities as part of a risk-managed program.
- Hands-on experience performing responsibilities aligned to incident response, security operations, and security initiatives.
- Background in SOC operations, detection engineering, threat hunting, or cyber threat intelligence.
- Must be comfortable supporting a weekend schedule. (Wednesday - Sunday OR Saturday - Wednesday from 8:00 AM to 5:00 PM CT) Applicants must be authorized to work in the United States. We are unable to provide sponsorship for this position.
Success Looks Like- Enhancing detection fidelity and reducing noise through thoughtful tuning and optimized detection logic.
- Closing detection gaps with ATT&CK aligned analytics and proactive threat hunts.
- Driving operational improvements by resolving inefficiencies and enabling the SOC to execute with greater speed, consistency, and confidence.
Certain states and localities require employers to post a reasonable estimate of the salary range. A reasonable estimate of the current base pay range for this position is $130,000 to $135,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that are not included in the base pay.
The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:
- Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
- Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
- Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
- Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program
#LI-MP1
#LI-REMOTE
This position supports a
WEEKEND schedule, Wednesday - Sunday OR Saturday - Wednesday from 8:00 AM to 5:00 PM CT About the RoleOur Security Operations Center (SOC) is expanding, and we're seeking a
Senior SOC Analyst to support a weekend schedule (
Wednesday - Sunday OR Saturday - Wednesday from 8:00 AM to 5:00 PM CT) who can quickly get up to speed and help drive operational excellence. This role is focused on eliminating inefficiencies, expanding detection coverage, and strengthening our detection, response, and threat-informed defense capabilities. It's ideal for someone who excels in hands-on analysis and is passionate about improving how a SOC operates day-to-day.
You'll play a key role in proactive cyber defense by collaborating across InfoSec teams, enhancing monitoring platforms, tuning controls, and conducting targeted threat hunts that reduce risk, enable better detections, and elevate our overall security posture.
What "Driving Operations" Means in This RoleThis position goes well beyond alert triage. You'll be expected to:
- Identify and resolve workflow inefficiencies that slow down response or create friction for analysts.
- Expand detection gap coverage through new use cases, improved telemetry, and refined detection logic.
- Reduce false positives and increase detection fidelity through ongoing tuning of tools and monitoring platforms.
Key ResponsibilitiesThreat-Informed Defense & Detection Engineering- Use internal and external threat intelligence, risk insights, and adversary behavior research to guide proactive defensive actions.
- Develop, tune, and optimize SIEM/SOAR, EDR, NDR, and log analytics platforms to improve detection quality and reduce noise.
- Engineer, test, and deploy new detection logic, alerting mechanisms, behavioral analytics, and ATT&CK-aligned use cases.
- Identify control gaps and collaborate with platform owners to implement both preventive and detective enhancements.
SOC Operations Maturity & Operational Excellence (Efficiency, Coverage & Continuous Improvement)- Partner with SOC leadership to refine responsibilities, skill requirements, and operational targets.
- Improve SOC operational effectiveness by spotting opportunities to streamline execution and remove process friction.
- Translate observed detection gaps into measurable improvements through new detections, automation, or enhanced processes.
Threat Hunting- Conduct hypothesis and intelligence driven threat hunts to uncover malicious activity, suspicious behavior, or weaknesses not visible through standard monitoring.
- Document findings and collaborate with SOC leadership and partner teams on remediation and follow-up actions.
- Continuously evolve hunting methodologies, techniques, and automation in response to a changing threat landscape.
Incident Response & Security Event Handling- Support the management and resolution of security events and incidents.
- Work independently and collaboratively to identify, assess, report, and recover from security incidents.
- Participate in after-hours response when needed.