Monitor, detect, analyze, and respond to cybersecurity threats across the organization's environment
Oversee detection queue health and ensure consistent SLA adherence
Conduct advanced investigations involving complex, multi-stage attacks across endpoint, identity, network, cloud, and third-party environments
Act as a primary escalation point for major incidents
Drive continuous improvement of detection logic, escalation criteria, and investigative workflows
Support incident response efforts during active security events
Participate in threat hunting missions derived from threat intelligence reporting
Contribute to the development, testing, and refinement of detection rules and correlation logic in the SIEM
Review vulnerability scan results and assist in triaging findings based on severity, exploitability, and asset criticality
Support the review and triage of alerts generated by User and Entity Behavior Analytics (UEBA) platforms

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent practical experience
2–4+ years of experience in a SOC, IT security, or related technical role depending on level applied for
Familiarity with enterprise IT environments including Windows/Linux systems, Active Directory, and cloud platforms (Azure, AWS, GCP)
Experience with security tools such as SIEM (Sentinel, Splunk), EDR (CrowdStrike, SentinelOne, Defender), or email security platforms
CompTIA Security+, CySA+, or equivalent foundational security certification preferred
Microsoft SC-200 (Security Operations Analyst) or AZ-900/AZ-500 preferred
EC-Council CEH, SANS GCIA/GCIH, or GREM preferred for L3

Security Operations Center Analyst – L3

Key skills