Senior Soc Analyst

The Senior SOC Analyst will focus on managing True Positive incidents, conducting detailed root cause analyses, and implementing remediation measures. This specialist will ensure that each confirmed incident is thoroughly addressed with strategic insights, containment actions, and preventive recommendations. Working closely with the SOC Automation and threat-hunting teams, this role enhances our threat detection and response capabilities, reinforcing our commitment to proactive cybersecurity for clients.

Key Responsibilities:

1. Incident Monitoring and Confirmation:
• Continuously monitor and analyze security alerts to validate potential security incidents.
• Perform in-depth reviews and analysis of True Positive alerts to confirm incidents, root causes, and impact.

2.Incident Response Ownership:

• Lead individual incident response activities by coordinating analysis, containment, and mitigation.
• Analyze security events, research root causes, and recommend actionable steps for containment and prevention.
• Provide end-to-end management of the incident response process, including deep event review, analysis, and documentation.

3.Threat Hunting and Improvement:

• Hunt for indicators of compromise (IOCs) across various technology platforms, identifying hidden threats.
• Continuously improve alerting mechanisms and threat-hunting programs by refining detection use cases and processes.

4.Collaboration and Automation:

• Partner with the SOC Automation team to automate repetitive tasks, optimizing efficiency and freeing time for high-impact work.
• Participate in proof-of-concept assessments of new security tools, contributing insights for security product evaluation.

5.Reporting and Communication:

• Generate detailed incident reports for SOC leadership and business stakeholders, highlighting findings, impact, and recommendations.
• Conduct thorough post-mortem reviews to capture lessons learned and drive continuous improvement within SOC processes.

6.Research and Development:

• Stay current with security trends and threats, applying insights to improve processes, tools, and response strategies.
• Contribute to the evolution of internal security processes, integrating best practices from industry research.

7.Team Mentorship and Knowledge Sharing:

• Mentor junior analysts, guiding them on incident analysis, threat hunting, and root cause identification.
• Communicate effectively with team members and clients, ensuring clarity in post-incident summaries and recommendations.

Qualifications and Skills:

• 7+ years of experience in a SOC or cybersecurity environment, with demonstrated incident response and EDR/SIEM expertise.
• Strong analytical skills and hands-on experience with root cause analysis, threat hunting, and remediation.
• Familiarity with security frameworks like NIST, ISO 27001, and MITRE ATT&CK.
• Excellent communication skills for producing clear and actionable post-mortem reviews and incident reports.
• Experience in customer-facing roles with a focus on client relationship management.