SOC Analyst – Job Description

Overview

The SOC Analyst plays a critical role in safeguarding the CommScope cybersecurity posture through continuous monitoring, detection, and incident response. This role is responsible for triaging and investigating security alerts, supporting incident response activities, and continuously improving detection and response workflows through automation.

The SOC Analyst also serves as a key liaison between the Managed Detection and Response (MDR) provider and internal business stakeholders, ensuring effective communication, timely escalation, and alignment on security incidents. The ideal candidate is analytical, process-driven, and comfortable translating technical findings into clear, actionable information for non-technical teams across a global organization.

Key Responsibilities

• Monitor and analyze security alerts generated by SIEM, EDR, firewalls, Secure Service Edge (SSE), email security, and other security platforms.
• Triage, investigate, and validate suspicious activity, determining scope and potential business impact using endpoint, network, identity, and log data.
• Participate in incident response activities, including containment support, root cause analysis, and post-incident reporting.
• Develop, maintain, and enhance automated workflows, playbooks, and response actions to streamline SOC operations and reduce manual effort.
• Collaborate closely with the MDR provider and internal teams, ensuring clear communication, defined escalation paths, and consistent incident handling.
• Provide feedback to the MDR provider on alert quality, false positives, and detection gaps.
• Review and interpret vulnerability scan results, coordinating with IT and engineering teams to prioritize and track remediation efforts.
• Manage IT tickets related to security alerts, user-impacting investigations, and operational support for security tools.
• Maintain accurate documentation for investigations, detections, playbooks, and standard operating procedures.
• Contribute to continuous improvement initiatives by tracking and improving metrics such as alert fidelity, response times, and automation effectiveness.
• Participate in rotational shift coverage and on-call support as part of a global SOC operating model.

Required Skills & Qualifications

• 3+ years of experience in a Security Operations Center (SOC), MDR, or incident response environment.
• Strong understanding of cybersecurity fundamentals, including common attack techniques, malware behavior, and network protocols.
• Hands-on experience with SIEM platforms for alert monitoring, log analysis, and automation (e.g., playbooks, logic apps).
• Familiarity with Endpoint Detection and Response (EDR) platforms for endpoint investigation and threat detection.
• Working knowledge of vulnerability management processes and tools.
• Ability to communicate technical findings clearly and concisely to non-technical audiences.
• Experience with one or more leading security platforms such as CrowdStrike, Microsoft Sentinel/Defender, Qualys, Palo Alto Networks, Netskope, or Cribl.

Preferred Qualifications

• Industry certifications such as Security+, CySA+, CEH, or similar.
• Experience with scripting or automation tools such as PowerShell, Python, or Bash.
• Familiarity with vendor-specific query languages (e.g., KQL, CQL).
• Familiarity with industry frameworks such as MITRE ATT&CK and NIST.
• Experience collaborating with external security partners or service providers.
• Experience working with security incidents in cloud, identity, or SaaS environments.
• Demonstrated interest in advancing toward senior SOC, detection engineering, or incident response roles.
• Familiarity with applying AI‑driven tools and techniques to improve detection quality, investigation speed, and SOC operational effectiveness.

Career Path

This role offers growth opportunities into senior SOC analyst, detection engineering, incident response, or security engineering positions.