SOC Analyst
Listed on 2026-02-16
IT/Tech
Cybersecurity, Security Manager
Overview
The Sentinel Blue Security Operations Center (Overwatch Team) is seeking a SOC Analyst I to serve as the first line of defense against cyber adversaries, responsible for real-time monitoring, initial triage, and performing root‑cause analysis of security events.
Here, we do more than react. We engage.
We are seeking a proactive analyst who is eager to investigate suspicious alerts, sift through the noise and correlate data, validate threats, and prioritize remediation.
The ideal candidate values a desire to learn, improve, and foster team collaboration. In this role, there is opportunity for growth beyond mere ticket closure, gaining exposure and skills in other cybersecurity domains (e.g. Threat Intelligence, Threat Hunting, Digital Forensics and Incident Response (DFIR), Vulnerability Management, and Detection Engineering).
This is a full‑time, entry‑level position, perfect for recent graduates or those pivoting into cybersecurity for experience who demonstrate a keen interest in the field. Must be open to and willing to work a shift schedule.
You will be surrounded by a passionate team and culture that takes pride in our work, our core values, and a pursuit of excellence in protecting our clients’ data and assets in a multi‑tenant cloud environment.
What We Can Offer
This is a full‑time position that is fully remote. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions.
Sentinel Blue is a young company with a focused mission: we’re bringing enterprise‑class cybersecurity to small and medium‑sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills.
Further, success in this role can quickly transition into a team leadership role. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference.
You will be required to achieve a Security+ certification in the first 2 months of hire; we’ll cover your certification costs and provide paid time for you to study!
Requirements
- U.S. citizenship – by nature of our work with the defense industry, all employees must be eligible for a Secret clearance.
- Minimum of 0‑2 years of experience in a Security Operations Center and/or a combination of experience in IT Support, Networking, or System Administration.
- CompTIA Security+ certification is required within the first 2 months of hire.
- Continuously monitor the Security Information and Event Management (SIEM) dashboard and leverage security tools to detect potential security incidents and anomalies in real‑time.
- Analyze incoming alerts to determine their relevance and urgency; effectively distinguish between false and true positives to prioritize response efforts.
- Conduct investigations by gathering context and other relevant logs to understand the scope of an alert.
- Strictly adhere to established Service Level Agreements (SLAs), Incident Response (IR) playbooks and Standard Operating Procedures (SOPs) to ensure consistent and compliant handling of security events.
- Create, update, and manage tickets in our case management system, ensuring all investigative steps, communications, and findings are thoroughly documented.
- Identify and escalate complex or high‑severity incidents to Tier II or the Incident Response Team, providing clear details and a comprehensive summary of initial findings.
- Perform basic remediation actions, such as blocking indicators and isolating compromised hosts, when authorized by SOPs or directed by senior personnel.
- Demonstrate excellent verbal and written communication skills when communicating with team members, clients, and/or stakeholders.
- Contribute to the team’s knowledge base, creating or updating articles, SOPs, and/or playbooks when new trends or resolution methods are identified.
- Log Analysis: Familiarity with and ability to parse different types of logs –…