SOC Analyst

Job Summary:

We are seeking a highly motivated and experienced SOC Analyst to join our dynamic cybersecurity team. The ideal candidate will have hands-on experience with a variety of security technologies, including Splunk for SIEM, Cofense for email security monitoring, Exabeam for UEBA, and a leading SOAR platform. This role is responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents to protect our organization's assets.

Responsibilities:

Monitor and analyze security alerts from Splunk, Cofense, Exabeam, and other security tools to identify and investigate potential security incidents.

Utilize Splunk Search Processing Language (SPL) to perform in-depth analysis of log data and create custom alerts, dashboards, and reports.

Analyze and respond to user-reported phishing emails using the Cofense platform, and contribute to the continuous improvement of our email security posture.

Leverage Exabeam to detect and investigate anomalous user and entity behavior, including insider threats and compromised accounts.

Develop and maintain automated incident response playbooks in our SOAR platform to streamline response efforts and reduce manual tasks.

Conduct incident response activities, including containment, eradication, and recovery, in accordance with established procedures.

Perform threat hunting activities to proactively identify and mitigate potential threats that may have bypassed existing security controls.

Collaborate with other IT and security teams to resolve security incidents and implement preventative measures.

Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and industry best practices.

Contribute to the development and maintenance of SOC documentation, including standard operating procedures (SOPs) and incident response plans.

Qualifications:

Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Experience: 3+ years of experience in a Security Operations Center (SOC) or a similar cybersecurity role.

Technical Skills:

Proven experience with Splunk, including SPL and the Enterprise Security (ES) app.

Hands-on experience with Cofense or a similar email security solution.

Demonstrated experience with Exabeam or another UEBA platform.

Proficiency with a SOAR platform such as Palo Alto Cortex XSOAR, IBM SOAR, or Splunk SOAR, including playbook development.

Strong understanding of networking, operating systems, and security principles.

Scripting experience (e.g., Python) is highly desirable.

Certifications (Preferred):

Splunk Core Certified User / Power User

GIAC Certified Incident Handler (GCIH)

Certified Ethical Hacker (CEH)

Other relevant security certifications.

Soft Skills:

Excellent analytical and problem-solving skills.

Strong written and verbal communication skills.

Ability to work effectively in a fast-paced, team-oriented environment.