We are an IT Solutions Integrator/Consulting Firm helping our clients hire the right professional for an exciting long term project. Here are a few details.
We are seeking a highly skilled Cybersecurity Analyst with experience in Security Operations Center (SOC) environments to join our Operations Center (OC), Incident Response (IR), and SOX compliance team. This individual will be responsible for identifying, analyzing, and responding to cyber threats and incidents, while also helping design and implement remediation and mitigation strategies. The ideal candidate will be a proactive problem-solver who can influence and collaborate with stakeholders across Security Operations, Incident Response, Application Development, and Infrastructure/Platform teams.
Monitor, analyze, and respond to security events and incidents using SIEM, EDR, and threat intelligence platforms.
Lead or support the triage, investigation, and resolution of security incidents in coordination with SOC and IR teams.
Provide in-depth forensic analysis and root cause investigation of incidents to determine the impact and prevent recurrence.
Develop and implement remediation and containment strategies for identified security events.
Assist with SOX ITGC (IT General Controls) compliance as it relates to cybersecurity operations.
Provide evidence and documentation for audits and assessments related to controls monitoring, vulnerability management, and incident response.
Support remediation of non-compliance findings and internal control deficiencies.
Work with application and infrastructure teams to design and recommend secure configurations, hardening standards, and remediation plans.
Collaborate with threat intelligence and vulnerability management teams to ensure proper prioritization and resolution of high-risk threats.
Create runbooks and playbooks to streamline response activities and improve incident management efficiency.
Act as a liaison between SOC/IR and business/application/platform teams, translating technical threats and controls into business-relevant language.
Influence and support stakeholders at all levels to ensure timely remediation of security issues and adoption of security best practices.
Conduct regular debriefs and post-incident reviews with cross-functional stakeholders.
3–7 years of hands-on experience in cybersecurity roles, ideally within a SOC or IR environment.
Strong knowledge of SIEM tools (Splunk, QRadar, Sentinel, etc.), EDR/XDR platforms, and threat detection methodologies.
Solid understanding of network security, endpoint security, log analysis, and malware behavior.
Experience working with security frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001) and SOX or similar compliance standards.
Ability to draft technical and executive-level incident reports and documentation.
Strong interpersonal and communication skills with an ability to influence technical and non-technical audiences.
Demonstrated ability to prioritize, lead investigations, and provide scalable solutions to security problems.
Certifications such as GCIA, GCIH, CEH, CISSP, CISA, or Security+.
Knowledge of cloud security (AWS, Azure, GCP) and container security (Kubernetes, Docker).
Experience with automated incident response and orchestration (SOAR tools).
Familiarity with Agile/DevOps environments and secure development lifecycle (SDLC) practices.