What are the responsibilities and job description for the Sr SOC Engineer position at MissionStaff?
MissionStaff specializes in delivering top-tier talent in Technology, Creative, and Marketing, as well as the Business Services that support these teams. Serving companies ranging from mid-sized enterprises to the Fortune 500, we build lasting relationships with talent and clients to power career opportunities and business. We are currently filling the following permanent role with our client in Boston, MA. The job is 100% remote, but candidates must be located in the EST or CST time zone.
Please note that we do not accept unsolicited resumes from third-party recruiters or agencies. Additionally, candidates must be Permanent Residents or US Citizens to be considered for this position.
Job Summary
Our Client is seeking a highly skilled and experienced Sr SOC Engineer to join our Security Operations Center (SOC). This is a hands-on technical role requiring deep expertise in cybersecurity tools, methodologies, and incident handling, with a focus on root-cause analysis, digital forensics, and a proven track record in managing SOC operations within industry environments.
Key Responsibilities
Develop and maintain SOC processes, workflows, and playbooks to align with industry best practices (e.g., MITRE ATT&CK, NIST, ISO 27001).
Act as the primary escalation point for critical security incidents.
Incident Response & Management:
Build, implement, and execute the Incident Response (IR) framework, ensuring swift and effective handling of security incidents.
Perform advanced threat analysis, containment, eradication, and recovery processes.
Conduct root-cause analysis to identify vulnerabilities and recommend remediation actions.
Oversee forensic investigations to analyze compromised systems, malicious activity, and data breaches.
Collaborate with stakeholders across IT, Cloud, and Product teams during incident investigations.
Technical Oversight:
Manage and optimize security tools such as SIEM, EDR, NDR, SOAR, and vulnerability management platforms.
Lead threat hunting initiatives to proactively identify potential risks.
Ensure logging, monitoring, and alerting solutions are correctly implemented and meet organizational requirements.
Required Skills and Experience
Technical Expertise:
5+ years of SOC experience.
Strong knowledge of SOC tools and technologies, including but not limited to:
SIEM (e.g., Splunk, Sentinel, QRadar)
Endpoint Detection and Response (e.g., CrowdStrike, SentinelOne)
Network Detection and Response (e.g., Darktrace, Corelight)
SOAR Platforms (e.g., Palo Alto Cortex XSOAR, ServiceNow SecOps)
Threat Intelligence Platforms
Hands-on experience with scripting and automation (Python, PowerShell, Bash).
Expertise in root-cause analysis and digital forensics, including disk imaging, memory analysis, and malware reverse engineering.
Expertise in network security, system hardening, and cloud security (AWS, Azure, GCP).
Deep understanding of attack techniques and frameworks such as MITRE ATT&CK, OWASP, and Lockheed Martin Cyber Kill Chain.
Familiarity with regulatory and compliance standards (e.g., GDPR, CCPA, PCI DSS, ISO 27001).
Must have GIAC Certified Incident Handler (GCIH).
Soft Skills:
Strong analytical and problem-solving abilities.
Excellent communication skills, capable of conveying complex technical issues to non-technical stakeholders.
Preferred Qualifications
Certifications such as CISSP, CISM, CCSP, GCFA, GNFA, or OSCP.