Help monitor, triage, and investigate security alerts across endpoint, network, identity, and cloud data sources.
Document and communicate findings suitable for client consumption.
Support 24x7 SOC operations; the role provides exposure to multiple client environments, modern security tooling, and structured mentorship and training.
Continuously monitor and triage security alerts across endpoint, network, identity, and cloud telemetry.
Investigate alerts to determine severity, scope, and whether activity is benign, suspicious, or malicious; escalate per documented procedures.
Perform initial incident response support activities such as evidence collection, timeline development, and basic containment recommendations under supervision.
Use SIEM, EDR, NDR/NSM, and SOAR platforms to detect, investigate, and respond to threats; examples include Splunk or Microsoft Sentinel (SIEM), CrowdStrike Falcon or Microsoft Defender for Endpoint (EDR).
Leverage threat intelligence and common frameworks (e.g., MITRE ATT&CK) to enrich investigations and communicate attacker behavior clearly.
Thoroughly document work in case management systems, including investigation steps taken, evidence reviewed, decisions made, and recommended next actions.
Communicate status and findings to internal leadership and clients with professionalism and clarity (written and verbal).
Contribute to continuous improvement by identifying recurring false positives/noisy alerts and providing feedback for tuning and playbook updates.
Maintain proficiency through required training, labs, and knowledge sharing; follow policies to protect confidential information.
Requirements
Bachelor’s degree in Information Technology, IT Security, Computer Science, Computer Engineering, or equivalent experience.
1-3 years of professional experience; campus applicants are welcome.
Punctuality and timely attendance to external client and internal stakeholder needs.
Coursework, labs, internship, or work experience in one or more of: incident investigation, digital forensics fundamentals, information security, systems administration, or computer networking.
Familiarity with common log sources and security concepts (e.g., authentication logs, Windows event logs, DNS, HTTP, email security).
Comfort learning new tools and following documented processes; strong attention to detail and case documentation habits.
Strong written and verbal communication skills and a high level of professionalism in client-facing environments.
Ability to work effectively on a team while owning independent tasks and meeting deadlines.
Interest in automation/scripting (e.g., PowerShell or Python).