Security Operations Analyst

As a Cybersecurity Analyst, your primary responsibilities include:

• Monitoring and responding to alerts from SIEM systems such as Splunk, Microsoft Sentinel, and QRadar.
• Analyzing and investigating potential security incidents, performing root cause analysis, and escalating as needed.
• Assisting in the incident response lifecycle, including detection, containment, eradication, recovery, and lessons learned.
• Conducting threat hunting activities using logs and threat intelligence sources.
• Maintaining and tuning SOC tools, including SIEMs, EDRs like CrowdStrike and SentinelOne, firewalls, and IDS/IPS.
• Documenting findings, creating incident reports, and supporting post-incident reviews.
• Collaborating with IT, network, and application teams to enforce security policies and mitigate vulnerabilities.
• Staying current with emerging threats, vulnerabilities, and mitigation techniques.
• Contributing to playbooks and runbooks to improve operational efficiency.
• Supporting audits, compliance reporting (e.g., SOC 2, ISO 27001), and vulnerability assessments.

Qualifications and Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 2+ years of experience in a SOC or cybersecurity analyst role.
• Familiarity with security tools and concepts including SIEM platforms (e.g., Splunk, Sentinel), EDR solutions (e.g., CrowdStrike, Defender for Endpoint), Firewalls, IDS/IPS, DLP, MITRE ATT&CK, NIST, and OWASP frameworks.
• Working knowledge of Windows/Linux operating systems and network protocols.
• Ability to interpret logs and data from multiple sources (network, endpoint, cloud, etc.).
• Strong problem-solving, communication, and documentation skills.
• Ability to work in a fast-paced, 24x7 security operations environment. As a Cybersecurity Analyst, your primary responsibilities include:
• Monitoring and responding to alerts from SIEM systems such as Splunk, Microsoft Sentinel, and QRadar.
• Analyzing and investigating potential security incidents, performing root cause analysis, and escalating as needed.
• Assisting in the incident response lifecycle, including detection, containment, eradication, recovery, and lessons learned.
• Conducting threat hunting activities using logs and threat intelligence sources.
• Maintaining and tuning SOC tools, including SIEMs, EDRs like CrowdStrike and SentinelOne, firewalls, and IDS/IPS.
• Documenting findings, creating incident reports, and supporting post-incident reviews.
• Collaborating with IT, network, and application teams to enforce security policies and mitigate vulnerabilities.
• Staying current with emerging threats, vulnerabilities, and mitigation techniques.
• Contributing to playbooks and runbooks to improve operational efficiency.
• Supporting audits, compliance reporting (e.g., SOC 2, ISO 27001), and vulnerability assessments.

Qualifications and Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 2+ years of experience in a SOC or cybersecurity analyst role.
• Familiarity with security tools and concepts including SIEM platforms (e.g., Splunk, Sentinel), EDR solutions (e.g., CrowdStrike, Defender for Endpoint), Firewalls, IDS/IPS, DLP, MITRE ATT&CK, NIST, and OWASP frameworks.
• Working knowledge of Windows/Linux operating systems and network protocols.
• Ability to interpret logs and data from multiple sources (network, endpoint, cloud, etc.).
• Strong problem-solving, communication, and documentation skills.
• Ability to work in a fast-paced, 24x7 security operations environment.