
Security Operations Center Analyst/SOC Analyst
Full Job Description
Join RingCentral, a market-leading Unified Communications-as-a-Service company, as a Security Operations Center Analyst (SOC Analyst). This full-time, remote role involves a unique 2-days-on, 2-days-off work schedule. You will play a critical role in implementing a comprehensive security monitoring, incident response, and threat intelligence program for RingCentral's global cloud service, corporate, and development environments. This is an exceptional opportunity to contribute to a rapidly expanding industry leader providing Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions.
About this role:
As a SOC Analyst at RingCentral, your primary responsibilities include:
- Collaboratively providing feedback to improve security operations processes.
- Generating actionable analysis and threat intelligence from various tools, logs, and data sources.
- Ensuring strong documentation to support ongoing SOC activities.
- Reporting observations to Security, Operations, and IT personnel.
- Monitoring security events, analyzing and investigating alarms, and maintaining day-to-day operational activities of a secure cloud environment.
- Engaging cross-functional teams within and outside RingCentral to mitigate and resolve security cases.
- Maintaining relevant documentation and audit artifacts.
- Identifying and tracking suspicious system activity.
- Identifying trends and patterns, and presenting them to Security Engineers to enhance processes and systems.
- Participating in on-call rotations.
Successful Candidates will possess:
- Proven skills in application security, security monitoring, incident response, and intrusion analysis.
- Strong knowledge of diverse attack methods and technologies targeting web/mobile/desktop applications, SaaS infrastructure, and data.
- Critical thinking, ability to work under pressure, and strong analytical, written, verbal, and interpersonal skills.
- Demonstrated track record of quality processes in past work history.
- Strong self-motivation with an aptitude for both individual and team-oriented work.
- Experience following and refining standard operating procedures and playbooks.
Qualifications/Requirements:
- 4+ years in a security engineering, SRE, or SOC role within a cloud services environment.
- Experience with SIEM platforms.
- Experience investigating security incidents.
- Basic knowledge of AWS or GCP.
- Experience with IDS, case management, and related tools and practices.
- Experience with Linux, RedHat preferred.
- Basic knowledge of broad security topics including encryption, application security, malware, and ransomware.
- Knowledge of network, VoIP, and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP).
Preferred Skills/Experience:
- Relevant certifications such as GCIA, GCIH, GCFA, GNFA, GCFE, GASF, GICA, GCTI, GPEN, GWAPT, GPYC, OSCP.
- Experience with tools like Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log.
- Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events.
- Strong knowledge of Microsoft Windows.
- Experience automating security tasks via scripting, programming, and/or SecDevOps.
- Experience working with global teams.
Company
Ringcentral
RingCentral is the global leader in cloud-based communications and collaboration software, revolutionizing how people connect. As a rapidly growing, $2 billion company with over 30% annual growth, we ...