DivIHN (pronounced "divine") is a CMMI ML3-certified Technology and Talent solutions firm. Driven by a unique Purpose, Culture, and Value Delivery Model, we enable meaningful connections between talented professionals and forward-thinking organizations. Since our formation in 2002, organizations across commercial and public sectors have trusted us to help build their teams with exceptional temporary and permanent talent.
Visit us at to learn more and view our open positions.
Abdulkhader at
Title: Senior SOC Cybersecurity Analyst
Location: Remote
Duration: 6 Months
Job Summary:
We are seeking an experienced and proactive Senior Cybersecurity Analyst with deep expertise in incident response, threat hunting, and SIEM/EDR operations to join our evolving Security Operations Center (SOC). This role is integral to leading advanced security investigations, driving IR workflows, and continuously improving our detection and response capabilities. The ideal candidate will be well-versed in CrowdStrike as both an EDR and telemetry source, possess strong scripting skills (Python, SQL, and Splunk SPL), and have a proven track record managing and tuning SIEM environments to reduce noise and maximize signal fidelity.
Key Responsibilities:
Lead complex security incident investigations and end-to-end incident response, including containment, eradication, and recovery.
Proactively conduct threat hunting using CrowdStrike, SIEM, and threat intel to uncover hidden threats across endpoints and networks.
Manage and tune SIEM rules, dashboards, correlation searches, and alerts to improve detection efficacy and reduce false positives.
Develop and maintain IR playbooks, detection rules, and threat models aligned with frameworks like MITRE ATT&CK.
Write and maintain custom scripts (Python, PowerShell, Bash) and queries (SQL, Splunk SPL) for automation, data enrichment, and investigation.
Collaborate with cross-functional teams to enhance detection capabilities, define logging requirements, and support security architecture.
Mentor junior analysts and contribute to SOC process maturity, knowledge sharing, and skills development.
Perform root cause analysis of incidents, support forensic investigations, and drive post-incident reviews.
Stay abreast of evolving threats, tools, and tactics, and integrate threat intelligence into SOC operations.
Required Qualifications:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
5 years of professional experience in Cybersecurity, with a focus on incident response, threat detection, and security operations.
Hands-on experience with CrowdStrike Falcon, including detection, investigation, and response workflows (highly preferred).
Strong knowledge and experience using SIEM platforms (e.g., Splunk, Sentinel, QRadar), including log ingestion, parsing, rule tuning, and dashboarding.
Proficient in writing Splunk Search Processing Language (SPL) queries and SQL for log analysis and data correlation.
Strong scripting ability in Python, PowerShell, or Bash for automation and enrichment.
Deep understanding of networking, operating systems (Windows/Linux), malware behaviors, and attacker techniques (MITRE ATT&CK).
Experience developing and improving IR workflows, playbooks, and escalation processes.
Familiarity with forensic tools, packet capture analysis, and threat intelligence platforms.
Excellent analytical, communication, and documentation skills.
DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.