What are the responsibilities and job description for the Security Operations Center Analyst position at IPolarity?
Job Title: Senior SOC Analyst (L3)
Location: Denver, CO (Hybrid) – Remote is a possibility for USC/GC
Duration: Contract - 12 Months
Project-Specific Prerequisite Skills:
• Rapid7 InsightIDR (XDR SIEM)
• Rapid7 InsightConnect (SOAR)
Key Responsibilities:
• Incident Detection & Response: Lead incident response activities, ensuring quick detection, analysis, and resolution of security incidents. Provide hands-on support to the SOC team during high-priority events.
• SIEM & SOAR Management: Manage and configure Rapid7 InsightIDR and InsightConnect, including log source integration, custom parser development, and optimization of correlation rules and use cases.
• Threat Analysis: Conduct in-depth analysis of security events to identify successful intrusions and compromises. Differentiate false positives from genuine threats to minimize incident noise.
• Automation & Orchestration: Leverage Ansible, Puppet, Python, and PowerShell to automate repetitive SOC tasks, enhance incident response processes, and improve efficiency.
• Configuration Management: Use Ansible and Puppet to standardize and manage SOC system configurations across multiple environments.
• Investigation Management: Lead investigations of incidents escalated by Level 1 analysts and ensure thorough documentation and resolution.
• Quick Mitigation Techniques: Implement interim defensive measures until permanent solutions can be deployed.
• Security Enhancements: Develop and maintain playbooks in Rapid7 InsightConnect to orchestrate and streamline SOC operations.
• Gap Analysis & Recommendations: Identify gaps in the security environment and recommend appropriate measures for risk mitigation.
• Vulnerability Awareness: Stay up to date with the latest vulnerabilities, threat advisories, and penetration techniques to proactively defend against emerging risks.
Desired Skills:
• 15 years of relevant experience
• Strong experience with Rapid7 InsightIDR and InsightConnect, including advanced configuration, rule development, and integration.
• Proficiency in automation and scripting tools, including Python, PowerShell, and Bash, to streamline security operations.
• Hands-on expertise with Ansible and Puppet for configuration management, automation, and environment standardization.
• Advanced knowledge of SIEM and SOAR tools, with proven experience optimizing detection and response workflows.
• Familiarity with incident response frameworks such as NIST, MITRE ATT&CK, and SANS.
• Strong understanding of firewalls, IDS/IPS, antivirus, EDR, and behavioral analytics tools.
• Experience with API integrations for security toolsets and custom reporting solutions.
• Knowledge of log analysis tools, threat intelligence platforms, and vulnerability scanners.
• Relevant certifications such as GCIH, CEH, CISSP, or certifications related to Rapid7 InsightIDR (must have), Ansible, or Puppet are highly desirable.
Educational & Professional Qualifications:
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent professional experience.