Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Sr. SOC Analyst

Veterans Sourcing Group, LLC

Job Title: Sr. SOC Analyst
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week)

Responsibilities:
  • 24/7/365 support
  • The analyst triages alerts that come into the dashboards, review and escalate, and drive to closure
  • May triage a couple hundred alerts per month (1 every 30 minutes is baseline expectations)
  • Will lead incident triage, coordinate response efforts across teams, and mentor analysts to continuously improve detection, response, and recovery capabilities.
  • Will leverage SIEM, EDR, and SOAR tooling to investigate complex threats, reduce dwell time, and strengthen operational resilience for mission-critical services.
  • Lead triage and investigation of security alerts, escalating and coordinating incident response as needed.
  • Perform root cause analysis, scope affected assets, and drive containment, eradication, and recovery.
  • Correlate events across SIEM, EDR, IDS/IPS, firewalls, cloud logs, and identity platforms to identify true positives and reduce false positives.
  • Develop, refine, and maintain SOC playbooks, runbooks, and detection logic aligned to the MITRE Telecommunication&CK framework.
  • Mentor junior analysts and provide guidance on investigation techniques, documentation standards, and operational best practices.
  • Coordinate with Threat Intelligence to enrich investigations, track adversary TTPs, and proactively hunt for indicators of compromise.
  • Partner with Engineering teams to tune detections, improve log fidelity, and strengthen preventive controls.
  • Create clear, actionable incident reports and executive summaries; contribute to metrics and trend analysis.
  • Support purple team exercises and post-incident reviews to capture lessons learned and drive continuous improvement.
  • Ensure adherence to regulatory and security policies; maintain audit-ready documentation for investigations and incidents.
Education/Experience:
  • 5-8+ years of experience in a SOC, incident response, or threat detection role, including Tier 2/3 investigations.
  • Advanced proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and SOAR platforms.
  • Strong knowledge of network security, Windows/Linux, identity systems, and common cloud logging sources.
  • Ability to manipulate data within Splunk is preferred.
  • Hands-on experience with the MITRE Telecommunication&CK framework, threat hunting, IOC/IOA development, and detection tuning.
  • Demonstrated ability to lead complex incidents, coordinate stakeholders, and communicate clearly under time pressure.
  • Scripting or automation experience (e.g., Python, PowerShell) for investigation of enrichment and workflow improvements.
  • Familiarity with NIST CSF/800-61, CIS Controls, and common regulatory requirements impacting incident response.
  • Excellent documentation skills and an evidence-driven approach to investigations.
Preferred:
  • Relevant certifications: GCIA, GCED, GCIH, GCFA, GNFA, CISSP, CCSP, or equivalent experience.
  • Experience with ticketing and case management systems (e.g., ServiceNow) and knowledge management practices.
  • Prior experience with threat Client platforms, sandboxing tools, and malware triage is a plus.
  • Experience with NIST or FedRAMP is a plus but not required
Vacancy posted more than 2 months ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Sr. SOC Analyst. Be the first to apply!