Serve as a lead analyst on one or more security efforts such as incident response, digital forensics, penetration testing, automation and integration, PKI infrastructure, or code security
Provide expertise across multiple information security domains and mentor less experienced analysts as needed
Monitor, analyze, and respond to security events using SIEM, IDS/IPS, EDR, DLP, endpoint protection, and firewall technologies
Investigate security incidents including phishing, malware, and anomalous endpoint or network behavior
Perform incident handling, digital forensics, continuous monitoring, and intrusion detection and prevention
Collaborate with architects, risk professionals, and other security partners to implement preventive, detective, and corrective controls
Develop, maintain, and improve security documentation, processes, and operational runbooks

3+ years of Security Operations Center experience
Strong knowledge of security frameworks and regulations including NIST, ISO, PCI-DSS, FERPA, GLBA, GDPR, HIPAA, FTC, and privacy laws
Experience working with AWS core services including networking, storage, database, and identity
Working knowledge of integrating security controls throughout CI/CD pipelines and cloud environments
Experience analyzing SIEM, network, system, and IDS alert logs and tuning detection content
Familiarity with MITRE ATT&CK framework and use case and alert development aligned to it
Proficiency with scripting and automation using languages such as Python or Bash
Excellent analytical, problem-solving, and written and verbal communication skills

SOC Analyst II

Key skills