Role: Security Operations Center (SOC) Analyst
Location: Dallas, TX or Virginia Beach, VA (Onsite)
Job type: C2C or W2
Role Overview
Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff. This role focuses on real-time monitoring, triage, and response to security alerts across endpoint protection, phishing incidents, and email security tools.
Primary responsibilities include working with:
- SentinelOne (EDR/XDR alerts)
- Microsoft Defender (Email, Endpoint, Identity alerts)
- Phishing reports from end-users
Key Responsibilities
1. Security Alert Monitoring & Triage
- Monitor and triage alerts from:
  - SentinelOne (malware, suspicious activity, behavioral alerts)
  - Microsoft Defender (Defender for Endpoint, Defender for Office 365)
- Perform initial investigation and classification:
  - True Positive / False Positive
  - Severity and impact assessment
- Escalate complex incidents to internal teams
2. Phishing Incident Response
- Analyze phishing reports submitted by users:
  - Email headers, URLs, attachments
- Take appropriate response actions:
  - Block sender/domain
  - Quarantine emails
  - Trigger user awareness notifications
- Coordinate with email security policies in Defender
3. Incident Response
- Alert triage and ticket creation
- Basic containment actions (isolate endpoint, block indicators)
- Run predefined playbooks
- Deep-dive investigation of incidents
- Endpoint forensics (via SentinelOne)
- Correlate alerts across tools
- Execute remediation actions (kill processes, isolate machines)
4. Ticketing & Documentation
- Create and update incident tickets (ServiceNow/JIRA or equivalent)
- Maintain clear investigation notes and evidence
- Ensure SLA adherence for response and resolution
5. Threat Detection & Improvement
- Identify recurring patterns and suggest tuning
- Reduce false positives via rule optimization
- Contribute to improving SOC playbooks and runbooks
Required Skills & Qualifications
Core Technical Skills
- Hands-on experience with:
  - SentinelOne (EDR/XDR investigation)
  - Microsoft Defender (Endpoint + Email Security)
- Strong understanding of:
  - Phishing detection and analysis
  - Malware behavior and indicators of compromise (IOCs)
  - Email security (SPF, DKIM, DMARC basics)
- Familiarity with SIEM/SOAR tools (nice to have)
Preferred Skills
- Experience with:
  - Microsoft Defender for Office 365
  - Threat Intelligence platforms
  - Basic scripting (PowerShell/Python) for investigation
- Understanding of MITRE ATT&CK framework
Soft Skills
- Strong analytical thinking
- Clear communication (written & verbal)
- Ability to work in a fast-paced SOC environment
- High attention to detail
Certifications (Preferred)
- Security+
- CySA+ / CEH
- Microsoft Security Operations Analyst (SC-200)