What are the responsibilities and job description for the SOC Analyst position at Retail Services WIS Corporation?
Location: Auburn Hills, MI
Pay Range: 55,000 - 65,000
Job Overview:
We are looking for a SOC Analyst with expertise to join our growing Security Operations Center (SOC). As a SOC Analyst, you will be responsible for monitoring, detecting, analyzing, and responding to security incidents across a diverse range of IT environments, with a strong focus on securing network and cloud infrastructure. You will play a pivotal role in maintaining our security posture, safeguarding critical assets, and ensuring rapid response to evolving cyber threats. This is a full-time hybrid role that will require you to be on site at the data center at Flint / Auburn Hills – Michigan US only during critical incidents or to support real-time threat detection and mitigation efforts. This role is M-F with an on-call rotation for after hours and weekends.
Key Responsibilities:
- Real-Time Threat Monitoring & Incident Response:
  - Monitor security alerts and events using SOC tools, including EDR, XDR, NGFW, IDS/IPS, vulnerability scanners, and endpoint detection tools.
  - Perform deep-dive analysis of security events to determine the risk and potential impact on the organization.
  - Triage, escalate, and respond to security incidents in accordance with SOC playbooks and incident response procedures.
  - Coordinate and execute incident response processes, including containment, eradication, and recovery.
- Threat Hunting & Proactive Security:
  - Conduct proactive threat-hunting exercises to detect and mitigate potential risks before they become incidents.
  - Use threat intelligence feeds to correlate findings and stay ahead of adversarial tactics, techniques, and procedures (TTPs).
- Incident Documentation & Reporting:
  - Maintain accurate and detailed documentation of incidents, including timelines, actions taken, and resolution.
  - Provide regular reports to SOC leadership on incidents, emerging threats, and overall security posture.
  - Contribute to post-incident reviews and lessons learned to improve SOC processes and defenses.
- Continuous Improvement & Automation:
  - Collaborate with other SOC teams to enhance detection, response, and remediation processes through automation and scripting (Python, Bash, etc.).
- Network Firewall, Traffic Analysis & Web Application Firewall (WAF) Management:
  - Continuously monitor and analyze network traffic through firewalls, IDS/IPS, and other network security tools to identify suspicious or malicious activities.
  - Assist in the configuration and tuning of network firewalls (e.g., Palo Alto, Cisco ASA) to strengthen defenses and reduce false positives.
  - Perform firewall log analysis and traffic inspection to identify anomalies, attacks, or misconfigurations.
  - Monitor WAF alerts and logs to identify attacks such as SQL injection, XSS, and DDoS on web applications.
- Cloud Security Monitoring:
  - Monitor and respond to security alerts within cloud platforms (AWS, Azure, etc.), including misconfigurations, unauthorized access, and other security threats.
Qualifications:
- Education:
  - Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience).
- Experience:
  - 1 year of experience working in a Security Operations Center (SOC), with a focus on network security, firewalls, WAF, and cloud environments.
  - Hands-on experience managing and configuring network firewalls (e.g., Palo Alto, Fortinet, Cisco ASA).
  - Strong experience with Web Application Firewalls (WAF) (e.g., Azure WAF, F5, etc.).
  - Expertise in cloud security monitoring (AWS, Azure, etc.).
- Technical Skills:
  - Advanced knowledge of firewall technologies and network security protocols (e.g., TCP/IP, VPN, IDS/IPS).
  - Knowledge of threat intelligence and incident response frameworks (MITRE ATT&CK, NIST).
  - Scripting and automation skills (Python, Bash) to support SOC operations.
- Soft Skills:
  - Strong analytical skills, with the ability to perform root cause analysis and identify patterns in security incidents.
  - Excellent communication skills for interaction with technical and non-technical teams.
  - Ability to work well in a team environment and contribute to a collaborative SOC environment.
  - Detail-oriented with strong multitasking and prioritization abilities.
Work Environment: Work is primarily sedentary; the employee must be able to sit for extended periods of time and frequently use a computer, keyboard, and mouse.
Please note that this Job Description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Under the Americans with Disabilities Act (ADA), WIS is committed to providing reasonable accommodations to qualified individuals with disabilities to enable them to effectively perform the essential functions of the job.
For more information on WIS, visit our website at www.wisintl.com
WIS is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.