Senior Analyst, Cyber Security Operations

POSITION SUMMARY:  

The Senior Analyst, Cyber Security Operations acts as a critical escalation point within the Cyber Security Operations Center (CSOC) team. He/she is responsible for advanced analysis, incident handling, and in-depth investigations of security events. The analyst serves as a mentor to CSOC Analysts and provides guidance and expertise for complex security incidents. Additionally, he/she collaborates with internal and external teams to refine and improve CSOC processes, leveraging advanced tools and techniques to safeguard the organization's digital assets against threats.

PRIMARY RESPONSIBILITIES:

Conducts advanced analysis of security incidents escalated from CSOC Analysts, leveraging all available Security Operations Center log sources, including but not limited to:

Firewalls

Systems and Network Devices

Web Proxies

Intrusion Detection/Prevention Systems

Antivirus Systems and EDR Solutions

• Performs in-depth investigations to determine root causes, scope, and impact of security incidents.
• Develops and executes containment and mitigation strategies for active incidents and ensures incidents are properly documented.
• Provides guidance to CSOC Analysts, helping to improve triage processes and event handling.
• Oversees tuning and optimization of Security Information and Event Management (SIEM) tools, including Endpoint Detection and Response (EDR) solutions to reduce false positives and improve detection accuracy.
• Proactively identifies and analyzes potential threats by leveraging threat intelligence sources, hunting for malicious activities, and identifying anomalies in the environment.
• Conducts forensic analysis and malware analysis as needed to support incident response efforts.
• Prepares detailed incident reports and findings for management and stakeholders.
• Acts as a key contributor to the development and maintenance of CSOC procedures, playbooks, and processes.
• Collaborates with other teams to remediate vulnerabilities, strengthen security posture, and improve monitoring strategies.
• Participates in post-incident reviews, identifying gaps and lessons learned to enhance the organization's incident response capabilities.
• Assists with the evaluation and implementation of new tools and technologies for the CSOC.
• Serves as a technical escalation point for all security-related events and incidents.
• Provides training and mentorship to CSOC Analysts to improve overall team capability and performance.

QUALIFICATIONS:

Experience

3 to 5 years of experience in IT or cybersecurity, with at least 2 years of direct SOC experience or incident response.

Education

BS in Computer Science, IS, or related field or three years of equivalent experience.

Must have at least one relevant certification in cybersecurity, such as CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), or equivalent.

Skills / Competencies

• Advanced understanding of TCP/IP, UDP, DNS, FTP, NetBIOS, and other protocols.
• Strong expertise in network analysis, net flow analysis, and packet capture tools (e.g., Wireshark).
• Proficiency in SIEM tools (e.g., Splunk, QRadar, ArcSight), and EDR solutions for monitoring and advanced threat detection.
• Strong knowledge of Windows, Linux, and UNIX operating systems.
• Deep understanding of threat intelligence platforms and their application in proactive threat detection.
• Strong familiarity with exploit frameworks, vulnerabilities, and attack vectors.
• Advanced understanding of the incident response lifecycle and forensic principles.
• Knowledge of malware analysis and reverse engineering techniques.
• Strong analytical and problem-solving skills, with the ability to perform root-cause analysis.
• Knowledge of scripting or automation tools (e.g., Python, PowerShell) to enhance SOC workflows.
• Ability to assess risks and provide recommendations to improve the organization's security posture.
• Strong project management skills, with the ability to manage multiple priorities effectively.

Other Attributes

• Detail-oriented and able to handle high-pressure situations effectively.
• Excellent written and verbal communication skills for reporting and collaboration.
• Self-starter and independent thinker with the ability to work collaboratively in a team environment.
• Demonstrates leadership qualities, with the ability to mentor junior analysts.
• Displays the highest level of integrity and commitment to delivering results.
• Adaptable to changing priorities and able to work in a fast-paced environment.