About the position
This role involves monitoring, triaging, and analyzing security alerts and log data across various platforms to identify potential threats. The SOC Jr. Analyst will act as a liaison between Tier 1/2 SOC analysts and the Incident Response team, performing initial investigations, documenting incidents, and contributing to the optimization of detection rules and response playbooks.
Responsibilities
• Continuously monitor, triage, and analyze real-time security alerts and log data across disparate platforms, including SIEM, SOAR, EDR, and cloud security environments, to identify anomalous behavior and potential indicators of compromise (IoCs).
• Serve as the critical operational hinge and escalation pathway between Tier 1/2 SOC analysts and the Incident Response (IR) team, ensuring high-severity threats are rapidly validated and communicated according to established playbooks.
• Execute initial deep-dive log analysis and technical root-cause investigations to reconstruct threat timelines, assisting senior analysts with containment, mitigation strategies, and formal incident documentation.
• Perform proactive behavioral and pattern analysis on historical network and host logs to identify coverage gaps, collaborating with engineering teams to refine SIEM correlation rules and threat detection methodologies.
• Review and update SOC incident response playbooks, internal workflows, and defensive tool tracking mechanisms by integrating current threat intelligence, emerging attack vectors, and post-incident lessons learned.
Requirements
• High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.
Nice-to-haves
• Practical experience building custom queries or dashboards within Enterprise SIEM platforms (e.g., Splunk SPL, Microsoft Sentinel KQL) and manipulating EDR tools for host isolation.
• Core fundamental networking and systems certifications, such as CompTIA Security+, Network+, or vendor-specific certifications like Splunk Certified User.
• Demonstrated lab experience (e.g., HTB, TryHackMe, blue-team range exercises) simulating initial access, persistence, and lateral movement techniques to validate defensive posture.
Benefits
• Paid time off (PTO)
• Various health insurance options & wellness plans
• Retirement benefits including employer match plans
• Long-term & short-term disability
• Employee assistance programs (EAP)
• Parental leave & adoption assistance
• Tuition reimbursement