Sec Ops Analyst
Listed on 2026-02-19
IT/Tech
Cybersecurity, Security Manager
Security Operations Analyst I
Security Operations Analysts are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents across the enterprise. They perform threat analysis, incident response, and proactive threat hunting while ensuring compliance with Centers for Medicare & Medicaid Services (CMS) Acceptable Risk Safeguards (ARS) 5.1, National Institute of Standards and Technology (NIST) 800-53, and Federal Information Systems Management Act (FISMA) standards. The team works to continuously improve security processes, tools, and automation, with a focus on advanced monitoring, containment and remediation activities.
Essential Functions
- Conducts analysis and investigation of security alerts generated by SIEM, EDR, DLP, and other monitoring platforms, applying critical thinking, threat analysis techniques, and the MITRE ATT&CK framework to determine scope, severity, and impact.
- Analyzes network, host, and application alerts for indicators of compromise, policy violations and emerging attack patterns.
- Oversees vulnerability intake, analysis, and classification, evaluating severity, exploitability, and business impact to determine appropriate remediation or escalation paths.
- Analyzes and classifies software patch updates, assessing security relevance, risk exposure, and prioritization in coordination with vulnerability and patch management.
- Determines appropriate response actions for confirmed or suspected security events, coordinating escalation, containment, or handoff to senior analysts or engineers as required.
- Directs and documents incident investigations, ensuring incident records, timelines, and findings meet operational, regulatory, and audit requirements.
- Contributes to continuous monitoring operations, including log correlation and alert tuning.
- Maintains detailed documentation of all alerts, investigations, and response activities.
- Supports daily and weekly reporting of security operations metrics and trends.
- Applies and refines incident response playbooks and procedures, identifying gaps, recommending improvements, and contributing to continuous process maturity.
- Maintains basic knowledge of cyber threat landscapes and emerging attack vectors.
- As assigned, provides after-hours support by responding to and assisting with incidents as part of an on-call or escalation rotation.
- Other duties as assigned.
- Bachelor's degree in Information Technology, Cybersecurity, or related field OR equivalent work experience determined by Human Resources.
- Foundational knowledge of cybersecurity concepts.
- Familiarity with SIEM tools (e.g., SentinelOne Vigilance, Microsoft Sentinel, Splunk).
- Working knowledge of MITRE ATT&CK and its application to detection logic, automation, and threat modeling.
- Strong attention to detail, communication, and documentation skills.
- CompTIA Security+, CySA+, or equivalent entry-level certification.
- 1 year experience in security operations, threat detection, or incident response.
- Office environment.
- Ability to read, hear, speak, use keyboard, reason, communicate effectively, and problem solve.
- Requires prolonged sitting and telephone usage.
- Requires the use of office equipment such as computer terminals, telephones, copiers, and printers.
- Infrequent lifting up to 20 pounds.
- Infrequent stooping.
Every employee is responsible to perform their duties and responsibilities in accordance with Noridian values, policies and procedures, including but not limited to Segregation of Duties Principles, HIPAA, Security and Privacy, CMS requirements, the Noridian Compliance Program, and any other applicable laws, rules and regulations.
Statement of Other Duties
This document describes the essential functions, requirements, and responsibilities of this job, and is not intended to be a complete list of all tasks and functions. Employees may be requested to perform job related tasks other than those specifically listed in this description and may be required to perform any task requested by the supervisor or management.
Total Rewards Package
- Health, Dental and Vision Insurance
- Voluntary Insurance Plans
- Health Savings and Flexible Spending Accounts
- 401k and Company Match
- Company-paid Life Insurance
- Education Assistance Program
- Paid Sick Leave
- Paid Holidays
- Increasing PTO Accrual Plan
- Medical/Parental/Disability Leave
- Worker’s Compensation
- Retiree Benefits
- Severance Package
- Employee Assistance Program
- Financial and Health Wellness Benefits
- Casual Dress
- Open Office Setting
- Online Learning System
Some positions require compliance with federal and agency specific regulations and related clauses included in Noridian’s prime contracts with the Government, background checks, and eligibility for a government-issued identification card. An employee in this position may be required to possess a Federal Identification Card (Federal ) as a…