SOC Analyst - 100% Onsite - Permanent Residents Only

Short term CTH or full time

Position Overview

We are seeking a versatile and highly skilled SOC Analyst to join our Security Operations Center (SOC). This role requires an individual who can effectively monitor, analyze, and respond to security incidents across multiple domains, including Network, Application, Cloud, DevSecOps, Endpoint, IoT, IAM, Incident Response, Threat Intelligence, Compliance and Risk, and Data Security. The ideal candidate will possess a strong technical background, a proactive mindset, and the ability to adapt to emerging threats in a dynamic security landscape.

Key Responsibilities

Monitoring and Incident Response

• Continuously monitor security tools, logs, and alerts for potential security incidents.
• Respond to and investigate security alerts, ensuring quick containment and remediation.
• Collaborate with incident response teams to perform forensic analysis and root cause investigations.
• Work with MTDR vendor on SIEM configuration and requirements.

Threat Intelligence and Analysis

• Analyze and interpret threat intelligence feeds to identify emerging threats.
• Conduct proactive threat hunting across systems, networks, and applications.
• Maintain up-to-date knowledge of current attack techniques, tactics, and procedures (TTPs).
• Leverage MITRE ATT&CK Matrix to identify and map adversary tactics and techniques during threat investigations, enabling faster detection and response.

Network and Endpoint Security

• Monitor and secure network infrastructure, including firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
• Manage and monitor endpoint detection and response (EDR) tools to ensure device security.

Application and Cloud Security

• Perform security assessments on applications, APIs, and cloud environments.
• Ensure security controls are implemented and maintained in cloud platforms (AWS, Azure, Google Cloud).
• Collaborate with DevSecOps teams to automate security checks in CI/CD pipelines.
• Leverage OWASP and CSA to identify and mitigate application security risks and ensure cloud security best practices during threat analysis and remediation.

IAM and Data Security

• Monitor identity and access management (IAM) systems for suspicious activities and unauthorized access.
• Ensure sensitive data is protected through encryption, data loss prevention (DLP), and secure storage.

IoT Security

• Assess and secure Internet of Things (IoT) devices and networks.
• Implement protocols for secure IoT device management and monitoring.

Compliance and Risk Management

• Assist with audits and compliance checks for frameworks such as GDPR, HIPAA, ISO 27001, or NIST.
• Provide recommendations for reducing security risks and improving overall compliance posture.
• Perform internal audits to ensure controls are operating as expected.

Reporting and Communication

• Generate detailed reports on incidents, threats, and remediation actions for technical and non-technical stakeholders.
• Communicate effectively with cross-functional teams, including IT, development, and management.

Required Skills and Qualifications

Technical Skills

• Knowledge of SIEM platforms (e.g., Sentinel, AlienVault, etc.).
• Familiarity with EDR solutions (e.g., CrowdStrike, SentinelOne).
• Proficiency in securing cloud environments (AWS, Azure).
• Experience with DevSecOps practices and tools (e.g., Jenkins, GitHub, Kubernetes).
• Understanding of network protocols (TCP/IP, DNS, HTTP) and security tools (firewalls, IDS/IPS).
• Knowledge of IAM principles and tools (e.g., Okta, Azure AD).
• Experience with vulnerability management and penetration testing tools (e.g., Nessus, Metasploit).
• Familiarity with compliance standards (e.g., GDPR, HIPAA, PCI DSS).

Soft Skills

• Strong analytical and problem-solving abilities.
• Excellent verbal and written communication skills.
• Ability to work collaboratively in a fast-paced environment.
• Proactive and self-motivated with a keen attention to detail.

Education and Experience

Bachelor s Degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).

Certifications (preferred):

• CompTIA Security , CEH, CISSP, GSEC, or equivalent.
• AWS Certified Security Specialty or Azure Security Engineer Associate.
• Certified Incident Handler (GCIH) or Certified Threat Intelligence Analyst (CTIA).
• 3 years of experience in a SOC or equivalent security operations role.