Cybersecurity Analyst - SOC Operations

Overview
The Cybersecurity Analyst will serve as a member of the Security Operations Center (SOC) within the IT Security team. This role is responsible for monitoring, investigating, and responding to cybersecurity events across a hybrid enterprise environment consisting of both on-premises and cloud-based infrastructure.
This position focuses heavily on security operations, threat detection, incident triage, and response activities. The analyst will work escalated Tier II / III security incidents received from the organization's Managed Detection & Response (MDR) provider and internal monitoring platforms, while partnering closely with Infrastructure, Cloud, and Security Engineering teams to support enterprise-wide security operations and continuous improvement initiatives.
Key Responsibilities
Monitor, investigate, and respond to security alerts and incidents generated by SIEM, EDR, NDR, MDR, and cloud-native security platforms
Perform event triage, validation, threat analysis, and incident classification for escalated Tier II / III security events
Execute and coordinate incident response activities including containment, investigation, remediation, and recovery efforts
Analyze security events across hybrid enterprise environments including on-premises infrastructure, endpoints, servers, identity systems, and cloud platforms
Review cloud security alerts, audit logs, and telemetry to support Cloud Detection & Response (CDR) operations
Assist with tuning and improving enterprise security monitoring, alert correlation, log collection, and detection quality
Collaborate with Security Engineering, Infrastructure, and Cloud teams to strengthen monitoring coverage and improve SOC operational workflows
Support automation and process improvement initiatives related to threat detection and incident response
Document security incidents, investigations, response actions, and operational procedures in accordance with established security processes
Assist with operational reporting, security metrics, incident trending, and leadership-facing security summaries
Maintain awareness of evolving cyber threats, attack techniques, and industry best practices relevant to enterprise and cloud security operations
Required Qualifications
College degree, technical training, or equivalent professional experience preferred
Security-related certifications preferred (CompTIA Security+, CompTIA CySA+, GIAC certifications such as GSEC or GCIH, or similar)
3+ years of experience in a cybersecurity, SOC, or security operations role
Prior experience supporting enterprise environments across servers, endpoints, networks, or cloud infrastructure
Experience operating within hybrid environments consisting of both on-premises and cloud technologies
Familiarity working with MDR providers and escalated security incident workflows preferred
Participation in professional cybersecurity organizations or communities is a plus (ISSA, ISACA, InfraGard, ISAC/ISAO, etc.)
Desired Technical Skills
Security event monitoring and alert triage
Incident response and threat investigation
SIEM platforms and security log analysis
Endpoint Detection & Response (EDR) technologies
Network Detection & Response (NDR) concepts
Cloud security monitoring and Cloud Detection & Response (CDR)
Security alert correlation and detection rule tuning
Knowledge of hybrid identity and enterprise authentication environments
Understanding of modern attacker tactics, techniques, and procedures (TTPs)
Strong analytical, troubleshooting, and problem-solving skills
Strong written and verbal communication abilities
Ability to operate effectively within a collaborative SOC and incident response environment
Job ID: 521142324
Originally Posted on: 5/14/2026