Security Operations Center Analyst

Overnight Security Operations Center Analyst

Location:

Austin, TX

Salary: $84,000.00-$98,000.00

• Provide mentorship and technical oversight to L2 analysts and MSSP‑led supporting staff, reviewing investigations and guiding escalation decisions.
• Lead incident response efforts for high‑severity events, coordinating across teams to ensure effective containment and remediation.
• Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols.
• Participate in hiring, onboarding, and training activities to build a high‑performing SOC team.
• Conduct advanced investigations of security alerts and incidents, including malware analysis, lateral movement, and data exfiltration.
• Perform threat hunting using hypothesis‑driven approaches and threat intelligence to uncover hidden threats.
• Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms.
• Analyze attacker TTPs and translate them into actionable detections using frameworks such as MITRE Telecommunication & CK and the Cyber Kill Chain.
• Lead forensic investigations, including memory, disk, and network analysis, to support incident response and legal requirements.
• Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows.
• Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders.
• Document investigation findings, incident timelines, and lessons learned in a clear and structured format.
• Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements.
• Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments.
• Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture.

• Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start).
• Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment.
• Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., Crowd Strike, Carbon Black), and forensic tools.
• Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective.
• Experience with scripting or automation (e.g., Python, Power Shell) is a plus.
• Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks.
• Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable.
• Excellent communication skills, with the ability to convey complex technical issues to both technical and non‑technical audiences.
• Senior‑level expertise in leading complex investigations and responding to advanced cyber threats.
• Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments.
• Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors.
• Strong understanding of adversary TTPs and frameworks like MITRE Telecommunication & CK and the Cyber Kill Chain.
• Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC.
• Experienced in coordinating incident response efforts and communicating findings to stakeholders.
• Committed to continuous improvement of SOC processes, playbooks, and detection capabilities.
• Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity.

Not Applicable

Full‑time

Information Technology

Manufacturing