
SOC analyst

Job in False Pass, Alaska, 99583, USA
Listing for: 6AM City, LLC
Full Time position
Listed on 2026-06-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 75000 - 95000 USD Yearly
Job Description & How to Apply Below
Location: False Pass

Job Description: Top Skills' Details

  • At least 5 years in IT, and at least 3 years' experience working in a SOC and/or participating in Incident Response activities such as host triage and retrieval, malware analysis, remote system analysis, and remediation efforts. Additional IT background in systems administration, networking, help desk, etc. is expected.
  • Specific SOC experience required: experience reviewing alerts for PowerShell, Linux audit events, O365 alerts and/or AWS alerts.
  • AWS knowledge/skills: at a basic level, someone who understands how AWS works at least from a provisioning/IAM/alerts perspective (those alerts get forwarded directly to Splunk). Ability to log into AWS under the various tools, with the context to know which tool to go to in order to triage what you're seeing. Somebody with very basic knowledge of that architecture who could go into those tools in a straightforward manner.
  • Additional nice-to-have skills:
    • Mimecast e‑mail security experience - at our client, the ISRC team is using Metasploit for e‑mail security to generate the e‑mails, and then a lot of troubleshooting once that team sends out the phishing campaigns is done by Dave's team in Mimecast.
    • O365 experience
    • Autonomy - someone who can take the data they're given, pivot on it, and think. Not someone who just takes what's given to them, works a use case in the SIEM without ever going into the command line, and then simply hands it off to another team that does all the pivoting.

    Job Summary:

    The SOC Analyst assists in the detection, response and remediation of cyber-related attacks on the enterprise. This role supports the areas of incident response and forensics and participates in incident response activities. Provides thorough results which are documented and correlated. Works with a managed security service provider (MSSP) to onboard new event sources and use cases. Utilizes technologies such as DLP, DNS, IPS, proxy, SIEM, and related endpoint, mobile and cloud controls to complete incident response activities and threat hunting.

    Technology Landscape

    They are running just Splunk Core, not Splunk ES (Enterprise Security, a separately licensed add-on). People who have been exposed only to Splunk ES tend to stick to their dashboards and don't know how to write queries.

    Principal Duties
    • Respond to and perform incident investigations for severity level incidents (high, medium, low) while working with IT and business areas.
    • Maintain skills and capabilities required to maintain, process, and develop intelligence products that are actionable to internal Info Sec functions, Cyber Security stakeholders, and the business areas.
    • Gain understanding and employ multiple analytical frameworks to drive Cybersecurity Maturity model lifecycle against threats that are of interest to the Info Sec organization.
    • Provide support in the detection, response, mitigation, and reporting of real or potential cyber threats to the organization and assist in the automation of these processes.
    • Perform threat intelligence collection, analysis, and actionable intelligence extraction from the numerous cyber threat intelligence sources that are available externally and internally to the Info Sec organization.
    • Assist in developing detection and alert criteria and work directly with Operational Support Team to drive monitoring and defense improvements.
    • Assist as needed with forensic analysis of network packet captures, DNS, proxy, malware, host‑based security and application logs, as well as logs from various types of security sensors.
    • Perform root cause analysis of security incidents for further enhancement of overall Info Sec defenses.
    • Provide metrics to measure the effectiveness of the incident response program at request of Security leadership and SOC lead.
    • Participate in incident response operations and development of standard operating procedures, run books and related templates. Recommend process improvements.
    • Participate in all tabletop exercises.
    • Update incident response plan and procedures as well as SOC runbooks.
    • Provide support, maintenance and development of the Security Information and Event Monitoring (SIEM) platform. This includes the integration of standard and…