Cybersecurity Operations Center Tier 3 Analyst

ABOUT the MAD SECURITY TEAM

At MAD Security, your passion for excellence and dedication to integrity can thrive. Every challenge is an opportunity to innovate, and every project is a chance to exceed expectations. As an esteemed team member, you’re not just doing a job; you’re making a difference in a culture that values hard work, accountability, and continuous growth. Be a part of a team where your efforts are recognized and celebrated, your integrity is cherished, and your professional development is a priority.

POSITION OVERVIEW

We seek a Tier 3 Security Operations Center (SOC) Analyst with experience working in a SOC or NOC in the MSP or MSSP environments. The ideal candidate will have a passion for high standards and constant improvement with a focus on safeguarding our clients by simplifying cybersecurity challenges. Candidate must have extensive experience in SOC operations and management, incident response (IR), firewall management (FW), and vulnerability management (VM).  As a SOC Tier 3 Analyst, this position is part of a multi-function team, including network engineers, cyber operations technical leads, cyber operations center managers, firewall engineers, and compliance management consultants.

The Tier 3 Analyst reports to the Senior Cyber Engineer. The key responsibilities of this position fall into three categories: 1. You will provide cybersecurity advice and support to our clients, understanding how to build rapport and maintain client relationships with a focus on partnership to address their cybersecurity challenges;  2. You will participate in meetings and discussions with senior company executives, Information System Managers, and Cybersecurity Specialists within and outside of MAD Security; and 3. You will participate in accomplishing company monthly, quarterly, and annual objectives. 

PRIMARY DUTIES and ESSENTIAL FUNCTIONS

• Master utilizing the technical tools and procedures used to manage the SOC
• Deep understanding of how SIEM/SOAR technologies function
• Experience in administrating and maintaining Elasticsearch
• Experience in problem solving during incident response event
• Experience with planning and executing focused threat hunt operations
• Collaborate with all SOC experts to monitor, identify and make notifications on cybersecurity matters to provide a holistic and seamless cybersecurity experience for the client
• Analyze, triage, aggregate, escalate and report on client security events including investigation of anomalous and malicious activity
• Perform correlation and trend analysis of security logs, network traffic, security alerts, events and incidents
• Continuously work to improve SOC technologies to minimize false positives and maximize detection and prevention effectiveness
• Develop and track key performance indicators (KPIs) related to SOC operations to benchmark and further enhance capabilities
• Develop comprehensive and accurate reports and presentations for technical and executive audiences
• Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
• Communicate regularly with team and with clients to proactively address concerns

REQUIRED QUALIFICATIONS

• Minimum six (6) years of experience in IT Security and/or Information Technology.
• Experience working in a Security Operations Center in an enterprise or managed services provider environment is desired.
• Experience in an incident response, forensics, malware reverse engineering or incident investigation role in large scale environments is desired.
• A bachelor's degree in the following areas of study is preferred: Information Technology, Information Security/Assurance, Computer Science, or an equivalent combination of education and experience. A master's degree is a plus.
• Industry-recognized professional certifications such as: GCIH, GCFA, GNFA, GREM
• Experience with industry security tooling is required.
• Fortinet, AT&T AlienVault, Avanan, Preveil, Bricata, Elastic is a plus.

Skills and Capabilities

• Strong problem-solving and critical-thinking skills.  Ability to prioritize and execute autonomously.
• Ability to develop and manage cybersecurity projects.
• Ability to communicate effectively with all staff, management, and clients orally and in writing.
• Ability to collaborate across the organization and operate effectively with multiple teams and solutions towards a shared goal.
• Strong understanding of the latest security principles and protocols.
• Strong understanding of security operations technologies, including SIEM and orchestration.
• Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
• Demonstratable working knowledge of emerging technologies and tactics used within a SOC or IR and how they are applied to improve efficiency and effectiveness.
• Understanding of tactics, techniques, and procedures associated with cyber threats and the ability to develop relevant alerting, countermeasures, and threat-hunting techniques.

Supervisor Responsibilities

None

Location and Work Environment

While performing the duties of this job, the employee regularly works onsite in an office setting. This position is exclusively located in Huntsville, Alabama.

Physical Demands

The physical demands described herein are representative of those that an employee must meet to perform the Primary Duties of this Job Description successfully.

Travel

None

Other Duties

Please note this Job Description is intended to describe the general nature and level of work to be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to meet business and organizational needs, as necessary, with or without notice.

OUR CORE VALUES

·       Passion for High Standards and Constant Improvement. We take great pride in the professional quality of our work and will never compromise this quality for short-term gains. The terms "good enough," "that's how it has always been done," and "minimum necessary" do not exist in our culture or business. You will find us continuously improving by setting our standards bar high, and once that standards bar is achieved, we will energetically and passionately raise the standards bar to achieve even more in a perpetual process of constant improvement seeking greatness.

·       Integrity. We possess and demonstrate the highest set of moral and ethical principles to always do the right thing, no matter who's watching. All our actions are carried out with honesty, honor, and truthfulness, ensuring we perform to the best of our abilities and act on our principles.

·       We Do the Work (Accountable). We take full ownership of our activities and the results they bring, demonstrating this commitment through decisive actions, not just words. As a team, we hold one another to the highest standards, tackling each task with professionalism and a dedication to success. Our proactive work ethic ensures we achieve our goals through intentional, persistent effort and continuous self-correction. We understand that true excellence is achieved through consistent hard work and consistent, steadfast pursuit of our objectives.

·       Coachable (Collaboration). Committed to continuous growth, we embrace each person's vast potential for self-improvement. Our culture fosters reciprocal evolution and open dialogue, where listening, challenging, and collaborative solution-seeking are the norm. We prize self-reflection and mutual encouragement, knowing that true coachability means actively seeking—not just accepting—feedback. In our coachable environment, feedback flows freely among all, from supervisors to peers to subordinates, with everyone encouraged to engage in coaching. Being coachable goes beyond receptiveness to guidance; it's about proactively seeking it and acknowledging we all have valuable insights to share and learn from.

·       Professional. We exemplify the 10 Characteristics of a Professional: Customer Service and Satisfaction First; Expertise is Our Specialty; Do and Deliver More Than Expected; Deliver on What We Say and What We Can Do; Communicate Effectively; Follow Exceptional Guiding Principles; Praise Our Co-Workers; Share Knowledge; Express Gratitude; and Maintain the Right Attitude.

10 Characteristics of Every Professional at MAD Security

Customer Service and Satisfaction First. Understanding and satisfying our customers is the cornerstone to our success. We must do what is necessary to meet those needs.

Expertise is our Specialty. The very word professional implies expertise, and technical competence is essential to our service-oriented structure. We must become an expert in the skills and tools we use in our operations, we must perform to the best of our abilities, and we must keep our knowledge up to date.

Do and Deliver More Than Expected. Professionals are expected to produce results. We strive to complete deliverables before they are due, of higher quality than anticipated, and under budget. Professionals exceed expectations whenever possible.

Deliver on What We Say and What We Can Do. Professionals deliver on promises made. We engage our brain before speaking; Before we say we can do something, we make sure we can do it.

Communicate Effectively. Whether verbal or written, professionals communicate clearly, concisely, thoroughly, and accurately. Effective communication is ultimately our responsibility as a professional.

Follow Exceptional Guiding Principles. Professionals adhere to high ethical values and principles. We appreciate and support our co-workers, practice good manners and proper etiquette, are honest and fair in all our dealings, and have a high ethical and moral standard.

Praise Our Co-workers. Professionals are humble and generous in their praise for others. We respect and acknowledge the talents and capabilities of our co-workers.

Share Knowledge. Professionals help their peers and co-workers and are respected for doing so. Information isn't a limited resource; our minds won't be emptied by giving away kernels of wisdom or experience. We think of knowledge as an ocean of facts and not a stream of data. It is possible to share what we know and stay one step ahead of the competition — professionals simply apply themselves to learn something new daily.

Express Gratitude. Professionals thank others in a meaningful way that most benefits the recipient.

Maintain the Right Attitude. Professionals are pleasant even during trying times.

About MAD Security, LLC

Founded in 2010, MAD Security is a dynamic, Service-Disabled Veteran-Owned Small Business (SDVOSB) cybersecurity managed security services provider (MSSP). We are dedicated to safeguarding the defense industrial base, maritime, and government contractor businesses from EVIL by simplifying the cybersecurity challenge. Our comprehensive suite of services includes Security Operations Center (SOC) as a Service (SOCaaS), Managed Detection & Response, Incident Response, GRC Gap Assessments, User Awareness Training, Penetration Testing, and more.

Our core SOC services deliver relentless monitoring, rapid threat detection, and swift response to keep our clients' environments secure. By integrating NIST frameworks and standards into all our services, we ensure top-tier compliance and best practices.

Driven by our Core Values—Passion for High Standards and Constant Improvement, Integrity, We Do the Work, Coachability, and Professionalism—our commitment to excellence is unwavering. Recognized as a Top 250 MSSP by MSSP Alert for three consecutive years and honored as an Inc. Best Workplace for two consecutive years, the MAD Security team of cyber warriors consistently delivers exceptional managed services and tailored technology solutions to meet the unique needs of defense industry stakeholders.