Security Operations Center Analyst

Position Title: SOC Level 3 Implementation Engineer/Analyst

Responsibilities

Security Solution Design and Architecture: Collaborate with stakeholders to understand business requirements and define the architecture and design of security solutions within the SOC. Actively participate in Technical Table Top Drills (internal and external). Actively participate in Incident Response bridge calls. Develop comprehensive security architecture blueprints, SOC Maturity, and defense-in-depth strategies. Experience with security technologies and tools, such as QRadar, Splunk, SumoLogic, Palo Alto SIEM SOAR, CrowdStrike SentinelOne EDR, and endpoint protection platforms.

Technology Evaluation and Selection: Evaluate and recommend security technologies, products, and vendors based on organizational needs, industry best practices, and emerging threats. Conduct proof-of-concept (POC) evaluations to assess the performance, functionality, and suitability of security solutions for deployment within the SOC environment.

Security Solution Implementation: Lead the implementation and deployment of security technologies SIEM and SOAR and solutions within the SOC, ensuring adherence to design specifications and security standards. Configure and customize security products and tools to align with organizational requirements and operational workflows. Coordinate with cross-functional teams, including network engineering, system administration, and application development, to facilitate smooth deployment and integration.

Process Development and Optimization: Define and document security processes, procedures, and workflows within the SOC, including incident detection, response, and remediation. Implement automation and orchestration capabilities to streamline SOC operations and improve response times to security incidents. Continuously assess and optimize security processes to enhance efficiency, effectiveness, and scalability.

Security Tool Management and Administration: Administer and maintain security monitoring and detection tools deployed within the SOC environment, such as SIEM (Security Information and Event Management), SOAR and EDR (Endpoint Detection and Response) platforms. Perform routine maintenance tasks, including software updates, patch management, and configuration changes, to ensure the reliability and performance of security tools. Troubleshoot and resolve technical issues related to security tools and infrastructure, collaborating with vendors and support teams as needed. Log Source integration and its troubleshooting. Documentation and Knowledge Transfer: Prepare RCA for P1 and P2 Security Incidents. Maintain comprehensive documentation of implemented security solutions, configurations, and processes, including design documents, deployment guides, and standard operating procedures (SOPs). Provide training and knowledge transfer to SOC analysts and other stakeholders on new security technologies, tools, and procedures. Conduct technical training sessions, workshops, and brown bag sessions to enhance the skills and capabilities of the SOC team.

Qualifications:

Bachelors degree in Computer Science, Information Security, or a related field (or equivalent experience).

8+ years of experience in a cybersecurity role, with a focus on security solution design and implementation.

Strong understanding of cybersecurity principles, concepts, and technologies, including network security, endpoint security, and threat detection.

Experience with security technologies and tools, such as QRadar, Splunk, SumoLogic, Palo Alto SIEM SOAR, CrowdStrike SentinelOne EDR, firewalls, and endpoint protection platforms.

Proficiency in scripting and automation languages (e.g., Python, PowerShell) for integration and workflow automation.

Excellent analytical, problem-solving, and communication skills.Relevant certifications (e.g., CEH, CISSP, CCSP, CISM, GIAC) are preferred.