About the Role: Senior SOC Analyst (Defender)
The Senior SOC Analyst provides advanced, second-level Cybersecurity Incident Response and client support, ensuring adherence to defined Service Level Agreements (SLAs) and delivering exceptional customer service for Information Security and Endpoint Security. The role focuses on Managed Detection and Response (MDR) services built on the Microsoft technology stack, with a strong emphasis on Microsoft Sentinel and Microsoft Defender.
Key Responsibilities
24x7 Support (60% Job Weight)
- Monitor, triage, investigate, remediate, and resolve cybersecurity incidents.
- Escalate unresolved issues to senior team members and/or management.
- Act as an escalation point for first-level SOC analysts, conducting root cause analysis.
- Provide technical knowledge transfer to clients and internal departments for less complex issues.
- Identify, record, and escalate service performance trends, anomalies, and SLA breaches to senior leadership.
- Apply Trusted Advisor techniques to foster client trust and loyalty.
- Perform Quality Assurance ticket reviews to identify and address gaps.
Service Delivery Improvement (20% Job Weight)
- Collaborate with L3 Consultants to enhance analytics and minimize false positives.
- Identify potential improvements in SOC processes and procedures, working with management and consultants for implementation.
- Mentor and guide junior resources, acting as a trusted advisor in applying CDW methodologies and using tools and templates for troubleshooting client requests.
Professional Development (20% Job Weight)
- Participate in various SOC projects, including new use case/analytics development, SOP creation, new service offering testing, and customer activation.
- Attend training sessions, shadowing activities, and pursue industry-related certifications as determined by management.
- Engage in assigned self-paced training.
Qualifications and Expectations
- Bachelor's degree (B.A./B.S.) or a 3-year diploma in Engineering, Computer Science, or a technology-related field, plus 1 year of security experience in a client-focused environment and/or a Security Operations Center (SOC); OR 6 years of total Information Technology experience, of which at least 1 year is security experience in a client-focused environment and/or a SOC.
- At least two intermediate-level certifications in Managed Security Services disciplines, such as Microsoft SC-200 or SC-100, CrowdStrike Falcon CFIR, Palo Alto Cortex XDR PCDRA, IBM QRadar Security Certified Analyst, Exabeam Security Analyst (Associate or Advanced), EC-Council E|CIH, E|CSS or C|EH, GIAC GSEC, GISF, GEIR or GCIH, or similar technology certifications.
- Knowledge and experience with Microsoft Azure are considered an asset.
- The position is part of a 7-day per week, 24-hour per day managed services operation; willingness to work weekends, holidays, and overtime is required.
- Ability to provide direct client support, manage tickets, and handle calls.
- Contribution to team objectives and maintenance of high customer satisfaction.
- Active engagement in coaching and continuous learning to enhance technical skills.
- Application of critical thinking and problem-solving abilities to address challenges.
- Experience in client-based support.
- Clear understanding of Managed Security Services offerings and business proposition.
- Excellent communication and collaboration skills.
- Ability to work independently and under minimal supervision.