Soc Analyst - Remote

Overview

Remote
Depends on Experience
Contract - W2

Skills

Documentation
Access Control
CSIRT
Microsoft Windows
Multi-factor Authentication
Network
Firewall
Incident Management
Linux
Management
SAML
SSO
Scripting
Microsoft
Microsoft Azure
Network Security
Palo Alto
Python
Reporting
Cisco
Collaboration
Communication
DNS
Dragon NaturallySpeaking
FOCUS
Windows PowerShell
Zabbix
Security Management
Soft Skills
System On A Chip
Vulnerability Management
Workflow

Job Details

Job Description

These analysts will be responsible for core SOC functions, with a strong focus on Incident Response including detection, triage, containment, remediation, and post-incident reporting. Candidates must be capable of managing incidents end-to-end and interfacing with both internal and external stakeholders as needed. Beyond incident response, the role includes contributing to day-to-day security administration across systems such as CrowdStrike, Microsoft Entra, Duo, and Cisco Umbrella. Analysts are expected to identify and act on opportunities to improve the overall security posture. All resources will report into the SOC and be functionally managed . Strong communication skills, the ability to work independently, and a proactive mindset are essential.

REQUIRED SKILL SET

  • CrowdStrike EDR: Investigation, alert triage, threat hunting.
  • Core Security Mechanisms in Windows: The IT environment is primarily windows. Candidates should have functional knowledge of core windows security mechanisms.
  • Security Principals and Security Identifiers
  • Access Tokens
  • Security Descriptors, DACLS/Discretionary Access Control, Access Control Entries (ACEs)
  • Windows Privileges
  • Kerberos and NTLM
  • OS & Core Platform Skills:
  • Windows security administration.
  • Linux OS security administration. This is a much small part of the environment and less critical. Basic Linux skills are sufficient.
  • Basic scripting or automation skills (e.g., PowerShell, Python).

Network & Identity:

  • Microsoft Entra ID (formerly Azure AD), including role-based access, MFA, SSO troubleshooting.
  • Familiarity with Cisco Duo or Microsoft MFA systems.
  • Basic knowledge of SSO (SAML) and troubleshooting auth integrations.

Soft Skills:

  • Strong communication skills, especially for status updates and external stakeholder interactions.
  • Ability to work independently and write concise, high-quality documentation.
  • Familiarity with incident coordination, ideally as part of a CSIRT/SOC function.

DESIRED SKILLS

DNS Security, preferably Cisco Umbrella.

Familiarity with Palo Alto firewalls and general network security principles.

Experience with log aggregation and monitoring platforms (e.g., Zabbix, ELK).

Experience with vulnerability management workflows.

Familiarity with Tanium and manual patching or software remediation.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.