Cybersecurity Analyst – SOC Operations

Overview

The Cybersecurity Analyst will serve as a member of the Security Operations Center (SOC) within the IT Security team. This role is responsible for monitoring, investigating, and responding to cybersecurity events across a hybrid enterprise environment consisting of both on-premises and cloud-based infrastructure. The client is requiring candidates to have Tenable.sc and if you have Tenable.io, that would be very beneficial. 

This position focuses heavily on security operations, threat detection, incident triage, and response activities. The analyst will work escalated Tier II / III security incidents received from the organization’s Managed Detection & Response (MDR) provider and internal monitoring platforms, while partnering closely with Infrastructure, Cloud, and Security Engineering teams to support enterprise-wide security operations and continuous improvement initiatives.

Key Responsibilities

• Monitor, investigate, and respond to security alerts and incidents generated by SIEM, EDR, NDR, MDR, and cloud-native security platforms
• Perform event triage, validation, threat analysis, and incident classification for escalated Tier II / III security events
• Execute and coordinate incident response activities including containment, investigation, remediation, and recovery efforts
• Analyze security events across hybrid enterprise environments including on-premises infrastructure, endpoints, servers, identity systems, and cloud platforms
• Review cloud security alerts, audit logs, and telemetry to support Cloud Detection & Response (CDR) operations
• Assist with tuning and improving enterprise security monitoring, alert correlation, log collection, and detection quality
• Collaborate with Security Engineering, Infrastructure, and Cloud teams to strengthen monitoring coverage and improve SOC operational workflows
• Support automation and process improvement initiatives related to threat detection and incident response
• Document security incidents, investigations, response actions, and operational procedures in accordance with established security processes
• Assist with operational reporting, security metrics, incident trending, and leadership-facing security summaries
• Maintain awareness of evolving cyber threats, attack techniques, and industry best practices relevant to enterprise and cloud security operations

Required Qualifications

• College degree, technical training, or equivalent professional experience preferred
• Security-related certifications preferred (CompTIA Security+, CySA+, GIAC, GSEC, GCIH, or similar)
• 3+ years of experience in a cybersecurity, SOC, or security operations role
• Must have Tenable.sc experience - install, configure, deploy and any Tenable.io is a plus
• Prior experience supporting enterprise environments across servers, endpoints, networks, or cloud infrastructure
• Experience operating within hybrid environments consisting of both on-premises and cloud technologies
• Familiarity working with MDR providers and escalated security incident workflows preferred
• Participation in professional cybersecurity organizations or communities is a plus (ISSA, ISACA, InfraGard, ISAC/ISAO, etc.)

Desired Technical Skills

• Security event monitoring and alert triage
• Incident response and threat investigation
• SIEM platforms and security log analysis
• Endpoint Detection & Response (EDR) technologies
• Network Detection & Response (NDR) concepts
• Cloud security monitoring and Cloud Detection & Response (CDR)
• Security alert correlation and detection rule tuning
• Knowledge of hybrid identity and enterprise authentication environments
• Understanding of modern attacker tactics, techniques, and procedures (TTPs)
• Strong analytical, troubleshooting, and problem-solving skills
• Strong written and verbal communication abilities
• Ability to operate effectively within a collaborative SOC and incident response environment