Enable job alerts via email!
SOC Analyst
Globalchannelmanagement
Remote
USD 80,000 - 100,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A cybersecurity solutions provider is seeking a Remote SOC Analyst to join their team in Atlanta, Georgia. The ideal candidate will have over 2 years of experience in SOC or cybersecurity operations and hold relevant security certifications. Responsibilities include investigating alerts, conducting incident response, and correlating data to identify threats. This role involves continuous improvement of security processes and staying updated with emerging security technologies. A solid understanding of compliance frameworks and cloud security is essential.
Qualifications
- 2+ years of experience in a SOC or cybersecurity operations role.
- Strong understanding of compliance frameworks.
- Experience with security tools for incident response.
Responsibilities
- Investigate and validate alerts escalated from security partners.
- Execute containment and remediation steps for confirmed incidents.
- Correlate data to identify patterns and indicators of compromise.
- Document SOC workflows and incident handling processes.
- Stay current on emerging threats and security technologies.
Skills
Remote SOC Analyst needs 2+ years of experience in a SOC or cybersecurity operations role.
SOC Analyst requires:
- Security certifications such as Security+, CySA+, GCIH, GCIA, or equivalent.
- Experience with scripting (Python, PowerShell) for automation and analysis.
- Exposure to cloud security monitoring (Azure, AWS, GCP).
- Understanding of compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS).
- Experience with Microsoft Sentinel for SIEM and Microsoft Defender for Endpoint for EDR.
- Solid understanding of TCP/IP, Windows/Linux OS internals, and common attack vectors.
- Familiarity with MITRE ATT&CK, cyber kill chain, and threat modeling.
- Alert Triage & Validation: Investigate and validate alerts escalated from our security partners using SIEM, EDR, and other security tools.
- Incident Response: Execute containment and remediation steps for confirmed incidents. Escalate to Tier 3 when deeper forensic or threat hunting expertise is required.
- Threat Analysis: Correlate data across multiple sources (network, endpoint, cloud) to identify patterns and indicators of compromise (IOCs).
- Detection Tuning: Work with engineering and Tier 3 teams to fine-tune detection rules and reduce false positives.
- Process Development: Document SOC workflows, procedures, and incident handling processes. Build and maintain runbooks to standardize response actions and improve operational efficiency.
- Continuous Improvement: Stay current on emerging threats, vulnerabilities, and security technologies. Recommend improvements to detection and response capabilities.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
