Skip to main content
TryApplyNow
Saronic logo

Security Operations Analyst (mid level)

Saronic
Full Timemid
Austin, TXPosted 22 days ago

Role Overview

Saronic is hiring a mid-level Security Operations Analyst (mid level). This is a full-time role in Austin. Part of Saronic's Security hiring, posted 3 weeks ago. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Salary Context

Salary is not disclosed in this posting. Market median for Mid-level Security roles is $65k-$90k (based on 73 comparable listings). Many employers share specifics during the interview process or after an initial screen.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

PythonBashAWSAzureCI/CDSaaSPipelineTelemetry

Job description

Saronic Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms.

JOB OVERVIEW

As a SecOps Analyst at Saronic, you'll be on the front line of our detection and response operations, triaging and investigating security alerts across endpoint, cloud, identity, network, and SaaS telemetry using our SIEM and XDR platforms. You'll run root cause analysis on real events, lead initial response for mid-tier incidents (contain, eradicate, recover), and tune detections to cut down on noise and sharpen what actually matters. Beyond the day-to-day, you'll join the on-call rotation, run targeted threat hunts to catch what automation misses, help build out our playbooks and runbooks, and contribute to post-incident reviews that turn gaps into real improvements. This is an early, formative role on a SecOps team being built from the ground up, so you'll have a direct hand in shaping how we operate, with room to grow across security domains rather than being boxed into one lane.

RESPONSIBILITIES

Detection & Alert Operations

  • Monitor and triage security alerts across endpoint, cloud, identity, network, and SaaS telemetry using enterprise SIEM and XDR platforms
  • Perform in-depth alert investigation and root cause analysis, documenting findings with clear, structured timelines and impact assessments
  • Tune detections to reduce false positive noise and improve signal fidelity; contribute to detection-as-code pipelines using structured query languages
  • Operate across multiple detection and visibility platforms as part of a maturing, layered security monitoring ecosystem

Incident Response & Investigation

  • Lead initial incident response for mid-tier events: contain, eradicate, and recover across endpoint, cloud, and identity domains
  • Participate in the on-call incident rotation and effectively communicate status and findings to the SecOps Lead and relevant stakeholders
  • Conduct post-incident reviews, identifying gaps in detection, response, and containment and translating them into actionable improvements
  • Coordinate with Security Engineering and IT during active incidents to accelerate response and reduce dwell time

SecOps Foundation & Enablement

  • Support the SecOps Lead in developing and refining response playbooks, runbooks, and analyst workflow documentation
  • Conduct targeted threat hunting operations to identify attacker activity not surfaced by automated detections
  • Contribute to SecOps metrics tracking, reporting, and operational readiness reviews
  • Help onboard and mentor junior analysts as the team grows, serving as a technical resource and process guide

QUALIFICATIONS

  • 3+ years of hands-on experience in a Security Operations, detection engineering, or incident response role
  • Demonstrated experience triaging and investigating alerts across at least two of the following: endpoint, cloud, identity, network, or SaaS environments
  • Hands-on proficiency with enterprise SIEM platforms and their query languages; ability to write and iterate on detection logic from scratch
  • Experience with EDR tooling in an operational context; ability to hunt, triage, and respond using endpoint telemetry
  • Solid understanding of attacker TTPs mapped to MITRE ATT&CK, and the ability to apply that knowledge during active investigations
  • Experience writing or iterating on detection logic, response playbooks, or SOC operational documentation
  • Scripting proficiency in Python, PowerShell, or Bash for alert enrichment, automation, or triage support
  • Strong understanding of network fundamentals: TCP/IP, DNS, HTTP/S, firewall and proxy logs, and lateral movement patterns
  • Clear and structured written and verbal communication — you can brief a non-technical stakeholder and write a thorough incident report
  • Ownership mindset: you follow incidents through to closure and flag what needs to be fixed, not just what needs to be documented
  • Security Clearance eligible

Preferred Qualifications

  • Experience with XDR platforms and cross-domain correlated detection across endpoint, identity, and cloud
  • Familiarity with cloud-native security operations and log sources in AWS or Azure environments
  • Experience with SOAR platforms or building response automation workflows
  • Exposure to supply chain and CI/CD pipeline security monitoring
  • Familiarity with data lake-based or pipeline-driven detection architectures
  • Experience operating in or supporting classified, GovCloud, or FedRAMP environments
  • Background in defense, aerospace, robotics, or other high-assurance operational environments
  • Familiarity with compliance frameworks such as NIST SP 800-171, NIST SP 800-53, or CMMC
  • Relevant certifications: GIAC GCIH, GCIA, GCFE, BTL1/2, CySA+, OSCP, or equivalent
  • Active security clearance or prior clearance history is a strong differentiator

PHYSICAL DEMANDS

  • Prolonged periods of sitting at a desk and working on a computer
  • Occasional standing and walking within the office
  • Manual dexterity to operate a computer keyboard, mouse, and other office equipment
  • Visual acuity to read screens, documents, and reports
  • Occasional reaching, bending, or stooping to access file drawers, cabinets, or office supplies
  • Lifting and carrying items up to 20 pounds occasionally (e.g., office supplies, packages)

BENEFITS

Medical Insurance: Comprehensive health insurance plans covering a range of services

Saronic pays 100% of the premium for employees and 80% for dependents

Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care

Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents

Time Off: Generous PTO and Holidays

Parental Leave: Paid maternity and paternity leave to support new parents

Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses

Retirement Plan: 401(k) plan with company match

Stock Options: Equity options to give employees a stake in the company’s success

Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage

Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline

Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office

Saronic CCPA Notice for Candidates and California Employees https://saronic-assets-public.s3.us-east-2.amazonaws.com/Saronic%20CCPA%20Notice%20for%20Candidates%20and%20California%20Employees.pdf

If this role is based in the United States, it requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) https://www.govinfo.gov/link/uscode/8/1324b.

Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits. We are also committed to providing reasonable accommodations for qualified individuals with disabilities.

About Saronic

Saronic logo

Saronic

saronic.com

SecurityOn-site

129 other open roles at Saronic on TryApplyNow.

Frequently Asked Questions

How do I apply for the Security Operations Analyst (mid level) position at Saronic?

Use the Apply button above to submit your application directly to Saronic. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Where is the Security Operations Analyst (mid level) position at Saronic located?

This position is based in Austin. Saronic has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.

What does a Security Operations Analyst (mid level) at Saronic earn?

Saronic has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Security Operations Analyst (mid level) role at Saronic posted?

This role was posted on June 17, 2026 (22 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start