SOC Analyst

Position Summary

Northern Technologies Group (NTG) is seeking a highly motivated Security Operations Center (SOC) Analyst to support a mission-critical cybersecurity operations environment. The SOC Analyst will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity events and incidents across enterprise networks and systems. This role requires experience in incident response, cyber defense operations, threat detection, and security monitoring within a Security Operations Center (SOC).

The ideal candidate will possess strong analytical skills, experience working with enterprise security tools, and a deep understanding of cyber threat actor tactics, techniques, and procedures (TTPs).

Essential Duties and Responsibilities

• Monitor and analyze security alerts generated from endpoints, IDS/IPS systems, NetFlow data, SIEM platforms, and custom security sensors.
• Identify, investigate, and respond to potential cybersecurity incidents and compromises across customer networks and endpoints.
• Perform detailed analysis of large-scale log data and correlate information across multiple data sources during incident investigations.
• Escalate validated threats and incidents to senior SOC personnel while providing detailed supporting evidence.
• Document investigative findings, actions taken, and recommendations within case management and knowledge management systems.
• Create, maintain, and distribute incident reports to customers, stakeholders, and leadership.
• Support Cyber Network Defense (CND) operations through protection, detection, response, and sustainment activities.
• Participate in shift operations supporting a 24x7 mission-essential environment.
• Maintain awareness of emerging cyber threats, attack vectors, and adversary TTPs.
• Contribute to knowledge sharing, mentoring, training, and continuous improvement initiatives.

Minimum Qualifications (Knowledge, Skills, and Abilities)

• Must be a U.S. Citizen.
• Must possess an active DoD Top Secret/ SCI security clearance
• Bachelor's degree and 8+ years of relevant experience, Additional military service and relevant experience may substitute for degree requirements. Candidates without a degree must possess a minimum of 12 years of relevant experience.
• Minimum 2 years of incident handling and incident response experience.
• Minimum 2 years of Security Operations Center (SOC) experience.
• Experience supporting Cyber Network Defense (CND) operations within a Computer Incident Response organization.
• Demonstrated understanding of Cyber threat lifecycles, Attack vectors and exploitation methodologies, Adversary tactics, techniques, and procedures (TTPs)
• Strong knowledge of: TCP/IP networking, Network protocols and ports, Traffic analysis, System administration, OSI model, Defense-in-depth security principles
• Ability to work independently in a fast-paced operational environment.
• DoD 8570 IAT Level II (or higher) certifications prior to start date (CompTIA Sec+, SSCP etc)
• Must also obtain a DoD 8570 CSSP-Analyst certification within six months of hire (CEH, CySA+, GCIA)

Preferred Qualifications

• Experience analyzing large volumes of: Security logs, NetFlow data, Full Packet Capture (PCAP), Network forensic artifacts
• Hands-on experience with enterprise SIEM platforms such as: Splunk, ArcSight, QRadar, McAfee Enterprise Security Management (Nitro), LogLogic.
• Experience with: IDS/IPS technologies, Host-Based Security Systems (HBSS), Endpoint security tools, Malware analysis techniques
• Unix/Linux command-line proficiency.
• Scripting or programming experience.
• Familiarity with: MITRE ATT&CK Framework, Cyber Kill Chain Methodology, Intelligence-Driven Defense concepts

Physical Demands and Work Environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.


Northern Technologies Group is an equal opportunity employer. We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law.

Travel

10%

Shift

Day Shift

Note

The company is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable.

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.

The salary range listed represents a good faith estimate and is provided in compliance with applicable pay transparency laws. The final compensation offered will be determined based on a variety of factors, including your skills, experience, qualifications, internal equity, and market conditions.

Salary Description


$150,000 to $165,000