Security Operations Center Analyst, L1 or L2

Phoenix, AZ, US • Posted 4 hours ago • Updated 4 hours ago

Contract W2

Contract Independent

On-site

$45/hr

Vaco by Highspring

Fitment

Dice Job Match Score™

✨ Finding the perfect fit...

Job Details

Skills

Summary

Vaco is partnering with a nationally recognized retail organization to build out its Security Operations Center as part of a broader cybersecurity maturity initiative. This team supports enterprise security across corporate systems, retail operations, and cloud-heavy environments.

These contract roles will sit within a growing SOC organization focused on strengthening detection, response, vulnerability management, and data protection capabilities. The environment includes MDR, EDR, SIEM, SOAR automation, vulnerability management tooling, and DLP programs aligned to frameworks such as NIST and CIS.

This position is based in Tempe, Arizona and requires in-office presence Monday through Thursday. Fridays are optional remote days.

Level will be determined based on experience. Opportunities to extend and/or convert are on the table as well. This role is not open for C2C engagements.

What You’ll Be Doing

Monitor security events and alerts across SIEM, MDR, and EDR platforms
Investigate, triage, and escalate security incidents in accordance with established playbooks
Support incident response activities including containment, eradication, and recovery efforts
Document findings and contribute to post-incident reviews and lessons learned exercises
Assist with vulnerability management efforts including validation, prioritization, and remediation tracking
Partner with infrastructure and application teams to support timely patching and risk mitigation
Contribute to DLP monitoring and investigation of potential data exfiltration events
Participate in SOC workflow refinement and continuous improvement initiatives
Support the development and tuning of detection rules and automation within SOAR platforms
Maintain accurate case documentation and metrics for reporting and compliance alignment

Required Experience

L1 Expectations

1+ years of experience in a SOC, incident response, or cybersecurity operations role
Hands-on experience working with SIEM platforms and alert triage
Familiarity with EDR and endpoint security tools
Understanding of common attack vectors and incident response fundamentals
Strong documentation and communication skills

L2 Expectations

3+ years of cybersecurity operations experience
Proven experience handling complex investigations independently
Experience tuning detection rules and improving alert fidelity
Strong understanding of vulnerability management processes
Familiarity with SOAR automation workflows
Experience operating in cloud-based environments such as AWS, Azure, or Google Cloud Platform

For both levels:

Working knowledge of frameworks such as NIST, CIS Controls, PCI, SOX, or CCPA
Ability to operate effectively during high-pressure, time-sensitive incidents
Strong analytical and critical thinking skills

Nice to Have

Experience in SaaS-heavy or multi-cloud environments
Exposure to DLP tools and data classification programs
Scripting experience in Python, PowerShell, or similar
Industry certifications such as Security+, CySA+, GCIH, or similar

Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual’s skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes the salary range for the role is noted in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company’s 401(k) retirement plan. Additional disclaimer: Unless otherwise noted in the job description, the position Vaco/Highspring is filing for is occupied. Please note, however, that Vaco/Highspring is regularly asked to provide talent to other organizations. By submitting to this position, you are agreeing to be included in our talent pool for future hiring for similarly qualified positions. Submissions to this position are subject to the use of AI to perform preliminary candidate screenings, focused on ensuring minimum job requirements noted in the position are satisfied. Further assessment of candidates beyond this initial phase within Vaco/Highspring will be otherwise assessed by recruiters and hiring managers. Vaco/Highspring does not have knowledge of the tools used by its clients in making final hiring decisions and cannot opine on their use of AI products.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10115369
Position Id: 470505
Posted 4 hours ago

Company Info

About Vaco by Highspring

Vaco is the Talent Solutions division of Highspring, a leading global professional services organization. With expertise in Accounting and Finance, Technology and Digital, and Human Resources and Operations, Vaco provides Contract Staffing and Direct Hire solutions. Vaco’s parent company, Highspring, helps clients with two additional integrated service offerings: Consulting and Managed Services. With more than 10,000 employees across more than 45 offices worldwide, Highspring gives partners the agility to thrive, address challenges, and seize opportunities in a rapidly changing world. Get to know us at vaco.com. 