Senior SOC Analyst at RSM leading high-severity investigations and guiding the SOC's technical direction. Engaging with diverse client organizations in a managed security services environment.
Responsibilities
Lead complex, high-severity investigations across endpoint, network, cloud, and identity telemetry.
Perform root cause analysis and reconstruct incident timelines, mapping observed activity to MITRE ATT&CK techniques.
Serve as the primary technical liaison during escalated incidents, delivering clear findings and remediation steps to internal leadership and clients.
Drive the creation of After-Action Reports (AARs) and lessons learned to improve tooling, detections, and workflow performance.
Identify detection gaps and collaborate with Detection Engineering to develop, refine, and tune detection content across relevant telemetry sources.
Validate new detections before SOC deployment and provide measurable feedback based on production telemetry.
Leverage SOAR platforms to automate enrichment, triage, and response actions.
Identify repetitive patterns ideal for automation and propose workflow enhancements to reduce MTTR.
Validate automation logic prior to production rollout and ensure alignment with SOC escalation policies.
Support hypothesis-driven and intelligence-led hunts by validating findings, artifacts, and suspicious patterns.
Mentor junior analysts on investigation techniques, tooling proficiency, case documentation, and proper analytical depth.
Produce clear, concise, and accurate technical reports, incident summaries, and executive-friendly communications.
Requirements
5+ years in SOC / detection engineering / threat hunting / incident response (or equivalent depth)
Demonstrated experience leading complex investigations and communicating findings to both technical and non-technical stakeholders
Hands-on SIEM/EDR/XDR investigation experience and comfort writing or tuning detections (KQL/SPL/Sigma or similar)
Strong working knowledge of incident response lifecycle and evidence-driven root cause analysis
Certifications such as GCIH, GCFA, GCDA, or similar preferred.
Experience with Elastic, Splunk, or other search-based platforms preferred.
Knowledge of the MITRE ATT&CK framework preferred.
Exposure to scripting languages for automation and enrichment preferred.
Cybersecurity SOC Analyst Intern providing hands-on experience in monitoring security events. Collaborating with experienced analysts to protect organizational systems and data in a hybrid setup.
Security Operations Junior Analyst responsible for security monitoring and incident handling in a technology hub. Working with tools to ensure safety of enterprise information systems 24/7 in Cluj-Napoca.
SOC Analyst managing and responding to security incidents within a digital security team. Involves analyzing security data, collaborating with teams, and implementing security measures.
Information Security Analyst supporting information security function at Ten, a trusted service provider. Ensuring compliance with global standards and managing security risks within the organization.
Security Operations Center Analyst managing incidents and security alerts for 7-Eleven stores. Focusing on in-depth analysis and proactive monitoring within a state-of-the-art Security Operations Center.
Security Operations Manager at Qnity managing physical security programs across global sites. Overseeing operations and collaborating with cross-functional teams to mitigate risk and maintain secure facilities.
SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Senior Director of Global Security Operations at CyrusOne strategizing and managing security across global data centers. Driving execution, governance, and operational excellence in a high - availability environment.
Cybersecurity generalist at PwC providing security solutions and maintaining the protection of client systems. Involves monitoring security alerts, incident response, and collaboration with stakeholders.
Security Operations Manager overseeing safety measures for corporate office locations and events at Whatnot. Responsible for developing security frameworks and managing vendor relationships across global operations.