Sr. SOC Analyst

About the Role

We are seeking a seasoned Senior SOC Analyst to bolster our real-time threat monitoring and incident response capabilities within both enterprise and Managed Security Service Provider (MSSP) environments. This pivotal role involves the meticulous triage of security alerts, in-depth investigation of suspicious activities, and the continuous enhancement of detection coverage across our SIEM, EDR, cloud, and network platforms.

Key Responsibilities

• Monitor and effectively triage security alerts generated by SIEM and various security tools.
• Conduct thorough investigations of security incidents spanning endpoint, email, network, and cloud infrastructures.
• Correlate security logs to identify and analyze indicators of compromise (IOCs).
• Enrich security alerts with actionable threat intelligence and open-source intelligence (OSINT).
• Support end-to-end incident response processes and escalate critical threats promptly.
• Perform foundational threat hunting exercises utilizing frameworks like MITRE ATT&CK.
• Document investigation findings and generate comprehensive incident reports.
• Collaborate with cross-functional teams to refine detection rules and develop robust SOC playbooks.

Required Skills and Qualifications

• A minimum of 5 to 10 years of dedicated experience in SOC or security operations.
• Proven hands-on experience with SIEM solutions such as Elastic, Microsoft Sentinel, Splunk, or similar platforms.
• Demonstrated experience with Endpoint Detection and Response (EDR) and email security tools.
• Solid understanding of cloud security logs and network security logs.
• Knowledge of the MITRE ATT&CK framework and incident response methodologies.
• Strong analytical, problem-solving, and communication skills.

Nice to Have

• Experience working within an MSSP environment.
• Basic scripting proficiency in Python or PowerShell.
• Relevant security certifications (e.g., CompTIA Security+, CEH, CySA+).