Security Operations Center (SOC) Analyst – Inciden

Skills

Incident Response Forensics Splunk Linux Operating Systems Windows

Job Specifications

We are seeking a skilled security operations analyst to join our team, responsible for the identification, triage, and response to security events and incidents. You will work with advanced security tools to analyze and investigate suspicious activities across multiple operating systems, proactively hunt threats, and help maintain our overall cyber resilience.

Key Responsibilities:

Monitor, correlate, and perform initial triage of security events and alerts to assess scope, urgency, and potential impact.
Document and manage incidents from detection to resolution, ensuring detailed and accurate reporting.
Conduct host-based forensic analysis across Windows, Linux, and macOS environments to detect suspicious or malicious activity.
Maintain expertise in operating system internals and artifacts to support ongoing investigations.
Analyze various data sources to identify and assess past or ongoing security threats.
Provide after-hours on-call support (including weekends) as part of a rotational schedule for critical incident response.
Execute threat hunting activities to proactively identify undetected threats and inform security tool improvements.
Build and optimize SIEM dashboards to highlight incidents and monitor activity effectively.
Tune and maintain security policies and configurations across tools like EDR, IPS, and content filters to minimize false positives and improve detection accuracy.

What We’re Looking For:

5 plus years of experience in security operations, digital forensics, incident response, vulnerability management, intrusion detection, or related areas.

3-5 plus years of experience with Splunk, Linux and Windows Analysis
Hands-on experience with EDR/XDR technologies and/or open-source DFIR tools (e.g., KAPE, Plaso/Log2Timeline, Autopsy).
Strong understanding of Windows and Linux operating systems, including forensic artifacts and investigation techniques.
Proficiency in analyzing logs, events, and other telemetry from various enterprise data sources.
Experience creating SIEM dashboards and tuning security tools to enhance detection and reduce alert fatigue.
Bachelor’s degree in a related field or equivalent work experience.

About the Company

WE KNOW ALL THE TOP PEOPLE. We've made it our top priority to be people-focused and build relationships - ensuring that all our top choices deserve to be in your top stack. This personal approach is how we find the best people, simplify decisions, and save everyone's time. Know more