Cybersecurity Operations Analyst
$90k - $106k
Aon
The Cybersecurity Analyst - Threat Detection, Automation & SOC Operations is a hands-on role supporting Aon's global Cybersecurity Command Center (AC3). This position is designed for SOC analysts (Level 1-Level 3) focused on alert triage, incident investigation, and continuous improvement of detection and automation capabilities.
The role involves monitoring and analyzing security events, responding to alerts, and enhancing alert quality, playbooks, and workflows. The analyst will collaborate closely with Security Operations, Threat Intelligence, Security Engineering, and Incident Response teams to ensure comprehensive coverage across endpoint, identity, cloud, email, and network environments. The ideal candidate is curious, analytical, and comfortable working directly with security tooling: investigating alerts, understanding attacker behavior, and contributing to the tuning and automation of SOC workflows.
Aon is in the business of better decisions
At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one engaged team and we are passionate about helping our colleagues and clients succeed.
What the day will look like
SOC Monitoring & Investigation
- Monitor and triage alerts across platforms including LogScale, CrowdStrike Falcon, XSOAR, Microsoft, and Okta
- Perform initial investigation and validation of security events to determine severity and scope
- Escalate incidents with clear documentation, supporting evidence, and recommended actions
- Conduct in-depth investigations into suspicious endpoint, identity, network, and cloud activity (L2/L3)
- Support incident containment and remediation in coordination with Incident Response and Engineering teams
- Provide feedback on alert quality, noise, and detection gaps based on operational experience
- Assist in creating and refining detection rules and correlation logic using real-world cases and threat intelligence
- Tune existing detections to reduce false positives and improve SOC efficiency
- Validate detection effectiveness against known attacker behaviors and MITRE ATT&CK techniques
- Design and refine investigative workflows to guide analysts from triage through resolution
- Develop and maintain runbooks, playbooks, and procedural guides for common alert types
- Identify missing context or data needed to accelerate investigations (e.g., enrichment, logging, asset data)
- Recommend and implement improvements that reduce analyst effort and decision time
- Utilize and enhance XSOAR playbooks and automation workflows within daily SOC operations
- Identify repetitive tasks suitable for automation and partner with engineering teams to implement solutions
- Test, validate, and optimize automated actions to ensure they support investigations effectively
- Contribute to continuous improvement initiatives focused on SOC scalability, speed, and consistency
- Develop and execute queries in LogScale and other analytics platforms to support investigations and threat hunting
- Analyze telemetry across endpoint, identity, cloud, email, and network sources to identify suspicious activity
- Identify trends, recurring issues, and visibility gaps
- Support development of dashboards and reporting for SOC performance and incident trends
- Partner with AC3 analysts to identify operational challenges and propose improvements
- Work with Threat Intelligence and PTO teams to operationalize intelligence into detections and playbooks
- Collaborate with Security Engineering to enhance logging, telemetry, and data availability
- Contribute to post-incident reviews and continuously update runbooks and detections
- Combines SOC operations, detection engineering, and automation, not just alert triage.
- Lets analysts directly shape detections, playbooks, and workflows instead of only following them.
- Proven focus on XSOAR and automation, giving a clear growth path into advanced detection and engineering roles.
- Broad visibility across endpoint, identity, cloud, email, and network with modern tooling (LogScale, CrowdStrike, Microsoft, Okta).
- Minimum 2+ years of experience in a SOC, Cyber Defense Center, MDR, or similar environment (L1-L3) preferred
- Strong understanding of attack techniques, alerting, and MITRE ATT&CK framework
- Hands-on experience with SIEM platforms such as LogScale, Splunk, Microsoft Sentinel, or Elastic
- Familiarity with EDR tools (preferably CrowdStrike Falcon)
- Exposure to SOAR platforms (e.g., XSOAR) and interest in automation
- Basic scripting experience (Python, PowerShell, or similar) preferred
- Strong analytical, troubleshooting, and evidence-based decision-making skills
- Effective written and verbal communication, including incident documentation and handoffs
- SOC Analyst (Tier 1-3)
- MDR Analyst
- Incident Response Analyst
- Threat Detection Analyst
- Detection Engineer (with SOC experience)
- Security Operations Engineer
- Security Content Developer (with SOC exposure)
Vacancy posted 4 days ago

