Security Operations Analyst (SecOps Analyst) - Remote

  • Santa Ana, CA

Overview

Remote
On Site
65-85/hr
Contract - W2

Skills

Real-time
Cyber Security
Incident Management
Digital Forensics
Workflow
IT Risk
Effective Communication
Mentorship
Information Security
Computer Science
Security Operations
Threat Analysis
Financial Services
Microsoft
SIEM
DLP
TCP/IP
Microsoft Windows
Linux
Operating Systems
Network
Security+
Collaboration
Documentation
Communication

Job Details

Position Summary
The Security Operations Analyst is responsible for real-time monitoring, triage, investigation, and escalation of cybersecurity incidents affecting systems and users. The Analyst plays a key role in identifying threats early, containing incidents, and improving defensive controls. The role requires a blend of technical expertise, curiosity, and disciplined operational execution, with mentorship and guidance from the Security Operations Manager.

Key Responsibilities
Detection & Monitoring
  • Monitor alerts and telemetry from Microsoft Defender, Google Chronicle, Forcepoint, and PhishER platforms.
  • Triage events to determine severity, scope, and relevance.
  • Correlate alerts across systems to identify patterns of malicious behavior.
  • Validate detections and reduce false positives through tuning recommendations.
Incident Response & Escalation
  • Perform first- and second-level analysis of potential security incidents.
  • Contain or mitigate threats according to established playbooks.
  • Escalate complex or high-severity cases to the Security Operations Manager or Mandiant responders.
  • Support digital forensics and root cause investigations.
Process & Improvement
  • Contribute to SOC documentation, including runbooks, playbooks, and response templates.
  • Recommend automation or enrichment workflows using Chronicle or SOAR capabilities.
  • Participate in post-incident reviews to enhance detection and response posture.
Collaboration & Learning
  • Work closely with IT, Risk, and Mandiant teams to ensure effective communication and follow-through.
  • Actively participate in continuous learning and mentorship programs led by the SOC Manager.

Qualifications
  • Bachelor's degree or equivalent experience in Information Security, IT, or Computer Science.
  • 2-5 years of experience in security operations or threat analysis within a regulated industry (financial services preferred).
  • Hands-on experience with Microsoft Defender (EDR/XDR) and SIEM tools such as Google Chronicle.
  • Familiarity with Forcepoint DLP and PhishER platforms desirable.
  • Understanding of TCP/IP, Windows/Linux operating systems, and network defense fundamentals.
  • Certifications preferred: Security+, CySA+, or GIAC (GCIA/GCIH).

Success Indicators
  • Consistently accurate and timely triage of alerts.
  • Demonstrated collaboration and initiative in improving detection logic.
  • High-quality documentation and communication of incidents and recommendations.