Continuously monitor the Security Information and Event Management (SIEM) dashboard and leverage security tools to detect potential security incidents and anomalies in real time.
Analyze incoming alerts to determine their relevance and urgency; effectively distinguish between false and true positives to prioritize response efforts.
Conduct investigations by gathering context and other relevant logs to understand the scope of each alert.
Strictly adhere to established Service Level Agreements (SLAs), Incident Response (IR) playbooks and Standard Operating Procedures (SOPs) to ensure consistent and compliant handling of security events.
Create, update, and manage tickets in our case management system, ensuring all investigative steps, communications, and findings are thoroughly documented.
Identify and escalate complex or high-severity incidents to Tier II or the Incident Response Team, providing clear details and a comprehensive summary of initial findings.
Perform basic remediation actions, such as blocking indicators and isolating compromised hosts, when authorized by SOPs or directed by senior personnel.
Demonstrate excellent verbal and written communication skills when communicating with team members, clients, and/or stakeholders.
Contribute to the team’s knowledge base, creating or updating articles, SOPs, and/or playbooks when new trends or resolution methods are identified.
Requirements
U.S. citizenship
By nature of our work with the defense industry, all employees must be eligible for a Secret clearance.
Minimum of 0-2 years of experience in a Security Operations Center and/or a combination of experience in IT Support, Networking, or System Administration.
CompTIA Security+ certification is required within the first 2 months of hire.
Benefits
Fully paid individual healthcare, vision and dental insurance for the employee.
Paid certification and training opportunities.
Three weeks of paid vacation + 10 paid holidays.
A supportive environment with a focus on keeping a healthy work-life balance.