SOC Analyst I

SOC Analyst I

Apollo's SOC Analyst I is a member of the Security Operations Center team responsible for monitoring and detecting threats and cybersecurity attacks across our clients' networks and systems. The SOC Analyst I monitors, analyzes, and responds to security events and alerts, working collaboratively with the team to protect client digital assets and maintain a strong security posture.

Key responsibilities include:

• Monitor security events and alerts using SIEM tools and other security technologies.
• Analyze and triage security alerts to determine severity and potential impact.
• Perform initial incident response activities and escalate issues when necessary.
• Document and track security incidents and their resolutions.
• Assist in creating and maintaining security documentation and procedures.
• Contribute to the development and improvement of security metrics and reporting.
• Collaborate with other team members and departments to address security concerns.
• Partner with SOC Analyst II to develop and refine SIEM correlation rules.
• Stay informed about emerging threats and security trends.

Qualifications include:

• Required:
• Basic understanding of networking concepts, protocols, and security principles.
• Familiarity with common security tools and technologies (e.g., firewalls, IDS/IPS, SIEM).
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work in a fast-paced environment and handle multiple priorities.
• Basic scripting or programming skills (e.g., Python, PowerShell).
• Ability to work in shifts, including swings, nights, weekends, and holidays.
• Preferred:
• Experience with CrowdStrike, Sophos, and/or SentinelOne platforms.
• Familiarity with one or more SIEM platforms (e.g., Stellar, Splunk, Exabeam, LogRhythm, Elastic).
• Experience with cloud security concepts and technologies.
• Experience with threat intelligence platforms and processes.
• Familiarity with the MITRE ATT&CK framework.
• Familiarity with network infrastructure and security concepts (firewalls, VPNs, network segmentation, IDS/IPS).
• Experience with enterprise firewall platforms (e.g., Sophos, Fortinet, Cisco, Check Point).

Expectations:

• At 30 days:
• Complete onboarding to Apollo's SOC tool stack.
• Shadow senior analysts across monitoring shifts to internalize Apollo's alert triage logic, escalation thresholds, severity classifications, and incident documentation standards before owning work independently.
• Begin monitoring and triaging low-complexity alerts under guidance.
• Within 90 days:
• Monitor and triage security alerts independently during assigned shifts — assessing severity, performing initial incident response activities, and escalating appropriately without needing to be prompted.
• Produce clean, accurate incident documentation consistently — every event tracked, every resolution recorded, in a format that's useful to the next analyst who picks it up.
• Demonstrate growing familiarity with the MITRE ATT&CK framework — able to map common alert types to relevant tactics and techniques and apply that context to triage decisions.
• Participating in shift handoffs, flagging emerging patterns to Analyst IIs, and raising questions that improve the team's collective awareness.
• By 180 days:
• Carry a full monitoring workload independently across assigned shifts with sound, consistent triage judgment — escalations are timely, severity calls are accurate, and false positive handling is efficient.
• Partner actively with SOC Analyst IIs on SIEM correlation rule development — contributing observations from day-to-day monitoring that inform rule refinement and detection improvement.
• Draft or meaningfully improve at least one SOC procedure document, runbook, or triage playbook that gets adopted by the team.
• Demonstrate working proficiency with at least one SIEM platform beyond basic alert consumption.

Company values:

• Passion for cybersecurity and a commitment to maintaining the highest standards of security.
• Customer Outcomes: Their success is our success, we are business partners.
• Entrepreneurial Approach: fast decision making, empowerment, focus on results, test and learn.
• Win Together: Intense Collaboration, no silos.
• Integrity is paramount.

Why you'll love working here:

• Comprehensive medical, dental, and vision coverage, the company covers 100% of employee premiums and 90% of dependent premiums on base plans.
• Unlimited PTO, 7 paid sick days, and 11 paid holidays.
• 401(k) with 4% company match after 90 days, immediately vested.
• Company-paid life insurance at 1x annual salary.
• Company-paid Short-Term Disability (STD) and Long-Term Disability (LTD) coverage.
• $125 monthly home-office tech stipend for internet, equipment, and other technology needs.
• Amazing colleagues, a collaborative environment, and a supportive, growth-focused culture.

Apollo-IS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. Apollo-IS provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.