Security Operations Center Analyst managing incidents and security alerts for 7 - Eleven stores. Focusing on in - depth analysis and proactive monitoring within a state - of - the - art Security Operations Center.
About the role
- Senior SOC Analyst leading advanced security monitoring and response across various platforms. Collaborating with teams to strengthen security posture and mentor junior analysts.
Responsibilities
- Perform advanced L2/L3 alert triage and investigations across endpoint, network, cloud, and edge security platforms
- Lead investigations using SIEM tools to validate incidents, reduce noise, and determine impact
- Analyze and respond to edge security events including WAF, DDoS, bot activity, and Zero Trust alerts
- Act as an escalation point for confirmed incidents and support containment and response actions
- Conduct root cause analysis and threat investigations, identifying attacker behavior and scope of impact
- Design, tune, and maintain detection rules and logic across SIEM platforms
- Improve detection coverage by aligning rules with the MITRE ATT&CK framework
- Mentor and guide junior SOC analysts and contribute to skill development across the team
- Help build and maintain investigation playbooks and incident response runbooks
- Collaborate with SOC leadership, Cloud Security, and DevOps teams to improve security controls and visibility
Requirements
- 5+ years of experience as a SOC Analyst (L2/L3)
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience
- Hands-on experience with SIEM platforms (Splunk, Graylog, or similar)
- Experience performing alert triage, incident investigation, and escalation
- Strong knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS, BGP)
- Experience analyzing AWS security logs (CloudTrail, CloudWatch, VPC Flow Logs)
- Experience with container and Kubernetes runtime security (Kubernetes, Amazon EKS)
- Hands-on experience with Cloudflare security tools (WAF, DDoS, Bot Management, Zero Trust)
- Strong understanding of IDS/IPS, firewalls, proxies, and DLP technologies
- Experience conducting root cause analysis and post-incident reviews
- Familiarity with MITRE ATT&CK framework and NIST incident response standards
- Experience developing and tuning SIEM detection rules
- Knowledge of scripting or automation (Python, PowerShell, or Bash)
- Foundational understanding of AI/ML security concepts and LLM-related risks
- Strong analytical, investigation, and incident handling skills
- Ability to communicate technical findings to non-technical stakeholders
- Relevant certifications preferred (GCIA, GCIH, CompTIA CySA+, AWS Security Specialty)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Operations Manager at Qnity managing physical security programs across global sites. Overseeing operations and collaborating with cross - functional teams to mitigate risk and maintain secure facilities.
SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Senior Director of Global Security Operations at CyrusOne strategizing and managing security across global data centers. Driving execution, governance, and operational excellence in a high - availability environment.
Cybersecurity generalist at PwC providing security solutions and maintaining the protection of client systems. Involves monitoring security alerts, incident response, and collaboration with stakeholders.
Security Operations Manager overseeing safety measures for corporate office locations and events at Whatnot. Responsible for developing security frameworks and managing vendor relationships across global operations.
Manager overseeing technical security operations for the Protection Services department. Responsible for managing security systems, staff training, and interdepartmental collaboration.
Principal in Security Monitoring Response at Mastercard managing global crises and resilience operations. Leading incident response efforts and ensuring the safety of people and assets.
SOC Analyst II providing real time security monitoring and threat hunting services for clients in various industries. Assisting in identifying security incidents and managing vulnerabilities.
Senior Security Operations Engineer at Field Nation; leading security operations and incident response to enhance cybersecurity posture.