Job Description
A Threat Intel Analyst job in Blue Ash, Ohio is currently available at Belcan. To be considered for this role, you will have a minimum of three years of relevant experience.
This position will be primarily responsible for maintaining an operating environment consisting of security technologies. You will work closely with other team members to continuously improve visibility, detect and prevent threats, and provide reporting data to protect Belcan customer IP, Belcan employee data, and support both IT and regulatory initiatives.
Job Duties:
Perform advanced investigation and analysis of escalated security incidents from Tier 1 analysts, including complex malware, phishing, insider threats, and advanced persistent threats (APTs).
Lead and coordinate incident response efforts through all phases.
Utilize Security Information and Event Monitoring (SIEM) and UEBA tools to conduct in-depth log analysis, correlate events, and identify suspicious patterns or anomalies.
Proactively hunt for threats by identifying patterns and indicators of compromise (IOCs) using SIEM, EDR, and other tools.
Collaborate with engineering teams to tune and optimize security tools such as SIEM, EDR, and DLP to reduce false positives and improve detection capabilities.
Conduct forensic investigations, including file analysis, to determine the scope and impact of incidents.
Collaborate with the GRC team to prioritize and track resolution of vulnerabilities.
Create detailed incident reports, including analysis and recommendations.
Contribute to playbooks, processes, and knowledge base documentation.
Work closely with Tier 1 analysts, providing guidance and mentorship, and assisting with skill development and knowledge sharing.
Identify areas for security improvement and collaborate with cross-functional teams to enhance security posture.
Required Qualifications:
2 to 6 years of experience in security operations, incident response, SOC analysis, or related cybersecurity disciplines.
Experience with Securonix Security Analytics, Digital Guardian DLP, Palo Alto Prisma, Palo Alto XSIAM, and Palo Alto XSOAR.
Proficiency with Python automation and SIEM technologies.
Ability to analyze complex security events, correlate indicators, and support proactive threat detection.
Industry security certifications such as Security+, GSEC, CySA+, or equivalent are preferred.
Strong investigative, analytical, and incident response skills are essential for success in this role.
Ability to contribute to documentation, reporting, mentoring, and continuous improvement within the security operations environment.
Strong understanding of cloud risk management, compliance, and secure architecture principles is essential.
Ability to guide cloud security strategy, incident response, and cross-functional security enablement across the organization.
Compensation:
We provide a competitive pay and benefits package. This position is offering a salary rate of $72,000 to $85,000; however, Belcan considers several factors when extending an offer, including but not limited to education, experience, geographic location, and discipline. Benefits offered may include health care, dental, vision, and life insurance; 401(k); education assistance; and paid time off including PTO, holidays, and any other paid leave required by law.
Belcan is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10180554
- Position Id: 365170
- Posted 4 hours ago