Tech Stack

Description

You will serve as a vital member of the Security Operations Center, monitoring security systems, analyzing alerts, identifying potential incidents, and responding swiftly to mitigate cyber threats. You'll leverage security tools, threat intelligence, and established procedures to maintain a strong security posture while collaborating with SOC team members and incident responders.

Requirements

• Bachelor’s degree in computer science, information technology, cybersecurity, or equivalent experience
• Proven experience working in a SOC or similar cybersecurity environment
• Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.)
• Proficiency using SIEM tools, especially Splunk
• Familiarity with IDS/IPS, EDR, and other security platforms (Snort, Suricata, CrowdStrike, SentinelOne)
• Basic to intermediate scripting skills (Python, Bash) for automation and analysis
• Strong analytical and problem‑solving skills
• Excellent communication and teamwork abilities
• Ability to operate in a fast‑paced 24/7 SOC environment
• Knowledge of common operating systems (Windows, Linux, macOS)
• Understanding of cloud security concepts

Responsibilities

• Actively monitor SIEM, IDS/IPS, EDR, firewalls, and other security systems for suspicious activity
• Triage and analyze security alerts, identifying true threats vs. false positives
• Support incident response activities including triage, containment, eradication, and recovery
• Analyze security logs and correlate events across multiple sources
• Integrate threat intelligence into monitoring workflows and incident investigations
• Document incident details, timelines, and actions taken
• Assist in tuning, configuring, and maintaining security tools
• Support compliance initiatives aligned to NIST, FISMA, and internal policies
• Collaborate with SOC team members, incident responders, and IT operations
• Maintain awareness of emerging cyber threats, vulnerabilities, and security practices