Position Summary
FutureSoft Consulting Inc. is seeking a highly skilled and detail-oriented Senior Security Operations Center (SOC) Analyst to support advanced cybersecurity operations for a major public-sector organization in the State of Georgia. This position is fully onsite and will play a critical role in protecting enterprise information systems, monitoring security events, and responding to cybersecurity incidents in a regulated environment.
The selected candidate will be responsible for identifying, analyzing, and mitigating security threats while ensuring compliance with established security policies, standards, and regulatory requirements. This role requires strong technical expertise, sound judgment, and the ability to operate effectively in a structured, mission-critical environment.
Primary Duties and Responsibilities
The Senior SOC Analyst will be responsible for, but not limited to, the following:
Security Monitoring and Incident Response
Continuously monitor security systems, networks, and endpoints for potential threats and vulnerabilities.
Analyze security alerts, logs, and telemetry from SIEM and endpoint protection platforms.
Investigate and respond to security incidents, including malware infections, unauthorized access, and suspicious activities.
Perform root cause analysis and develop remediation strategies.
Identity and Access Security
Monitor and secure identity systems, including Microsoft Active Directory and Microsoft Entra ID.
Investigate identity-based attacks, privilege escalation, and account compromise incidents.
Support enforcement of identity and access management (IAM) policies and controls.
Threat Detection and Analysis
Utilize Microsoft Defender tools and Microsoft Sentinel to identify advanced persistent threats and abnormal behaviors.
Develop and refine detection rules, queries, and dashboards.
Perform proactive threat hunting activities.
Documentation and Reporting
Prepare detailed incident reports, investigation summaries, and technical documentation.
Maintain records in accordance with organizational and regulatory requirements.
Present findings and recommendations to technical and management stakeholders.
Collaboration and Compliance
Work closely with IT, infrastructure, and security teams to coordinate response efforts.
Participate in security audits, risk assessments, and compliance reviews.
Support continuous improvement of cybersecurity processes and controls.
Required Qualifications
Candidates must meet the following minimum qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent professional experience.
Minimum of three (3) years of hands-on experience with Microsoft Defender for Identity.
Minimum of three (3) years of experience administering and securing Microsoft Active Directory environments.
Minimum of three (3) years of experience with Microsoft Entra ID (Azure Active Directory).
Minimum of two (2) years of experience using Microsoft Sentinel or similar SIEM platforms.
Proven experience in cybersecurity incident response and security operations.
Strong analytical, troubleshooting, and problem-solving skills.
Excellent written and verbal communication abilities.
Ability to work independently and manage multiple priorities in a deadline-driven environment.
Preferred Qualifications
Experience with Kusto Query Language (KQL).
Prior experience supporting government agencies or regulated environments.
Professional certifications such as Security+, CEH, CISSP, or Azure Security Engineer.
Experience with cloud security and hybrid enterprise systems.
Familiarity with NIST, ISO 27001, or similar security frameworks.
Professional Competencies
Successful candidates will demonstrate:
High ethical standards and confidentiality awareness.
Strong attention to detail and documentation accuracy.
Ability to perform effectively in high-pressure situations.
Commitment to continuous professional development.
Strong stakeholder and customer service orientation.
Must successfully pass required background and security screenings.
Must be available for full-time, onsite work in Lawrenceville, Georgia.
Must comply with all organizational security and conduct policies.
Engagement Terms
This is a temporary, contract-based engagement with an anticipated duration of approximately four months.
Continuation is subject to project requirements and funding availability.
Remote or hybrid work arrangements are not available for this role.