Sr. SOC Analyst
Veterans Sourcing Group, LLC
Job Title: Sr. SOC Analyst
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week) Responsibilities:
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week) Responsibilities:
- 24/7/365 support
- The analyst triages alerts that come into the dashboards, review and escalate, and drive to closure
- May triage a couple hundred alerts per month (1 every 30 minutes is baseline expectations)
- Will lead incident triage, coordinate response efforts across teams, and mentor analysts to continuously improve detection, response, and recovery capabilities.
- Will leverage SIEM, EDR, and SOAR tooling to investigate complex threats, reduce dwell time, and strengthen operational resilience for mission-critical services.
- Lead triage and investigation of security alerts, escalating and coordinating incident response as needed.
- Perform root cause analysis, scope affected assets, and drive containment, eradication, and recovery.
- Correlate events across SIEM, EDR, IDS/IPS, firewalls, cloud logs, and identity platforms to identify true positives and reduce false positives.
- Develop, refine, and maintain SOC playbooks, runbooks, and detection logic aligned to the MITRE Telecommunication&CK framework.
- Mentor junior analysts and provide guidance on investigation techniques, documentation standards, and operational best practices.
- Coordinate with Threat Intelligence to enrich investigations, track adversary TTPs, and proactively hunt for indicators of compromise.
- Partner with Engineering teams to tune detections, improve log fidelity, and strengthen preventive controls.
- Create clear, actionable incident reports and executive summaries; contribute to metrics and trend analysis.
- Support purple team exercises and post-incident reviews to capture lessons learned and drive continuous improvement.
- Ensure adherence to regulatory and security policies; maintain audit-ready documentation for investigations and incidents.
- 5-8+ years of experience in a SOC, incident response, or threat detection role, including Tier 2/3 investigations.
- Advanced proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and SOAR platforms.
- Strong knowledge of network security, Windows/Linux, identity systems, and common cloud logging sources.
- Ability to manipulate data within Splunk is preferred.
- Hands-on experience with the MITRE Telecommunication&CK framework, threat hunting, IOC/IOA development, and detection tuning.
- Demonstrated ability to lead complex incidents, coordinate stakeholders, and communicate clearly under time pressure.
- Scripting or automation experience (e.g., Python, PowerShell) for investigation of enrichment and workflow improvements.
- Familiarity with NIST CSF/800-61, CIS Controls, and common regulatory requirements impacting incident response.
- Excellent documentation skills and an evidence-driven approach to investigations.
- Relevant certifications: GCIA, GCED, GCIH, GCFA, GNFA, CISSP, CCSP, or equivalent experience.
- Experience with ticketing and case management systems (e.g., ServiceNow) and knowledge management practices.
- Prior experience with threat Client platforms, sandboxing tools, and malware triage is a plus.
- Experience with NIST or FedRAMP is a plus but not required
Vacancy posted more than 2 months ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Sr. SOC Analyst. Be the first to apply!
Related searches
- utilities analyst New York, NY
- facility analyst New York, NY
- traffic analyst New York, NY
- open source analyst New York, NY
- licensing analyst New York, NY
- operational due diligence analyst New York, NY
- complaint analyst New York, NY
- workforce analyst work from home New York, NY
- informatics analyst New York, NY
- verification analyst New York, NY
