SOC Analyst / Junior Engineer

Job Summary

The SOC Analyst/Engineer designs, implements, and maintains security monitoring tools and processes to support a 24/7 Security Operations Center (SOC). This role develops detection use cases, automates workflows, fine-tunes alerts, and ensures log quality to detect and respond to threats effectively.

Responsibilities

• Design, implement, and maintain security monitoring tools and integrations supporting SOC operations
• Develop detection use cases to identify security threats across customer environments
• Automate workflows to improve SOC efficiency and incident response times
• Fine-tune alerting logic to reduce false positives and enhance threat detection accuracy
• Ensure quality and completeness of log ingestion from diverse data sources
• Support onboarding of new clients by integrating relevant data sources into security platforms
• Maintain up-to-date documentation and runbooks for SOC processes and tools
• Collaborate closely with SOC Analysts, Incident Responders, and platform owners to optimize security operations
• Monitor and support high-availability SOC platforms to ensure continuous performance and reliability

Required competencies and certifications

• Proficiency with SIEM platforms such as Splunk, ELK Stack, or ArcSight
• Strong understanding of network and system fundamentals to support security monitoring
• Ability to analyze logs and interpret security data to detect threats
• Knowledge of incident response procedures and best practices
• Ability to identify and classify security threats and anomalies accurately
• Strong attention to detail and organizational skills to maintain SOC documentation and processes
• Excellent problem-solving and analytical abilities to troubleshoot security issues
• Clear written and verbal communication skills for effective collaboration
• Ability to work effectively in a team environment

Preferred competencies and qualifications

• Security certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC certifications
• Experience with ticketing and case management systems to track incidents
• Basic scripting knowledge in Python or Bash to automate tasks
• Familiarity with malware analysis concepts to support threat investigations
• Understanding of cloud security principles and threats to enhance monitoring capabilities
• Experience with threat intelligence platforms to enrich detection use cases
• Knowledge of common attack vectors and tactics to improve security posture