Senior Security Analyst

Overview

Security Monitoring & Threat Detection

• Monitor, analyze, and investigate security events across enterprise and customer environments
• Perform advanced event correlation and threat analysis using SIEM and SOAR platforms
• Analyze security alerts to validate incidents and assess business impact and risk exposure
• Investigate and escalate complex or high-severity security incidents in accordance with defined procedures and SLAs
• Support incident containment, eradication, recovery, and post-incident activities

SIEM Administration & Content Development

• Administer, configure, and optimize SIEM platforms and related monitoring technologies
• Develop and maintain:
• + Correlation rules
• + Dashboards
• + Reports
• + Filters
• + Detection use cases
• + Real-time monitoring content
• Support log integration activities and tuning initiatives to improve detection accuracy and reduce false positives
• Work closely with SOC Engineering teams to refine monitoring capabilities and operational effectiveness

Threat Hunting & Advanced Analysis

• Conduct proactive threat hunting activities to identify emerging threats, suspicious behavior, and advanced attack patterns
• Perform multi-stage investigative analysis to trace advanced threats and attacker activities
• Maintain strong understanding of:
• + Advanced Persistent Threats (APTs)
• + Threat actor tactics, techniques, and procedures (TTPs)
• + Incident response methodologies
• + Digital forensics concepts
• Coordinate evidence gathering, investigation documentation, and incident analysis activities

Incident Response & Operational Support

• Prepare and communicate incident analysis findings to relevant stakeholders and response teams
• Support the execution of incident response and escalation procedures
• Analyze recurring incidents and identify opportunities to improve security controls, monitoring capabilities, and operational processes
• Contribute to operational reporting, SOC metrics, and executive-level reporting requirements

Process Improvement & Documentation

• Develop and enhance SOC operational processes, procedures, and playbooks
• Collaborate with L1 and L2 analysts to improve operational workflows and response effectiveness
• Provide recommendations for improvements to:
• + Security architecture
• + Monitoring coverage
• + Policies and procedures
• + Detection capabilities
• Support continuous improvement initiatives aligned with SOC maturity objectives

Technical Leadership & Mentorship

• Serve as a technical escalation point and mentor for junior SOC analysts
• Provide guidance and knowledge transfer to L1 and L2 analysts
• Support capability development and operational readiness initiatives within the SOC team
• Assist in driving strategic cybersecurity and operational security initiatives
• **Requirements**
• 5+ years of experience in SOC operations, Security monitoring, Event analysis , Incident response, and Threat hunting
• Proven experience working within enterprise or managed SOC environments
• Strong hands-on experience with SIEM and SOAR platforms
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science or a related technical field
• Strong understanding of security operations methodologies, threat analysis, and incident response best practices
• Experience working within enterprise, MSSP, or managed security environments is highly preferred