
Cybersecurity Operations Analyst

$90k - $106k

Aon

The Cybersecurity Analyst - Threat Detection, Automation & SOC Operations is a hands-on role supporting Aon's global Cybersecurity Command Center (AC3). This position is designed for SOC analysts (Level 1-Level 3) focused on alert triage, incident investigation, and continuous improvement of detection and automation capabilities.

The role involves monitoring and analyzing security events, responding to alerts, and enhancing alert quality, playbooks, and workflows. The analyst will collaborate closely with Security Operations, Threat Intelligence, Security Engineering, and Incident Response teams to ensure comprehensive coverage across endpoint, identity, cloud, email, and network environments.

The ideal candidate is curious, analytical, and comfortable working directly with security tooling: investigating alerts, understanding attacker behavior, and contributing to the tuning and automation of SOC workflows.

Aon is in the business of better decisions

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organization, we are united through trust as one engaged team and we are passionate about helping our colleagues and clients succeed.

What the day will look like

SOC Monitoring & Investigation
  • Monitor and triage alerts across platforms including LogScale, CrowdStrike Falcon, XSOAR, Microsoft, and Okta
  • Perform initial investigation and validation of security events to determine severity and scope
  • Escalate incidents with clear documentation, supporting evidence, and recommended actions
  • Conduct in-depth investigations into suspicious endpoint, identity, network, and cloud activity (L2/L3)
  • Support incident containment and remediation in coordination with Incident Response and Engineering teams
Detection Development & Tuning
  • Provide feedback on alert quality, noise, and detection gaps based on operational experience
  • Assist in creating and refining detection rules and correlation logic using real-world cases and threat intelligence
  • Tune existing detections to reduce false positives and improve SOC efficiency
  • Validate detection effectiveness against known attacker behaviors and MITRE ATT&CK techniques
Investigation Enablement
  • Design and refine investigative workflows to guide analysts from triage through resolution
  • Develop and maintain runbooks, playbooks, and procedural guides for common alert types
  • Identify missing context or data needed to accelerate investigations (e.g., enrichment, logging, asset data)
  • Recommend and implement improvements that reduce analyst effort and decision time
Security Automation & Playbooks
  • Utilize and enhance XSOAR playbooks and automation workflows within daily SOC operations
  • Identify repetitive tasks suitable for automation and partner with engineering teams to implement solutions
  • Test, validate, and optimize automated actions to ensure they support investigations effectively
  • Contribute to continuous improvement initiatives focused on SOC scalability, speed, and consistency
Security Analytics & Telemetry
  • Develop and execute queries in LogScale and other analytics platforms to support investigations and threat hunting
  • Analyze telemetry across endpoint, identity, cloud, email, and network sources to identify suspicious activity
  • Identify trends, recurring issues, and visibility gaps
  • Support development of dashboards and reporting for SOC performance and incident trends
Collaboration & Knowledge Sharing
  • Partner with AC3 analysts to identify operational challenges and propose improvements
  • Work with Threat Intelligence and PTO teams to operationalize intelligence into detections and playbooks
  • Collaborate with Security Engineering to enhance logging, telemetry, and data availability
  • Contribute to post-incident reviews and continuously update runbooks and detections
How this opportunity is different
  • Combines SOC operations, detection engineering, and automation, not just alert triage.
  • Lets analysts directly shape detections, playbooks, and workflows instead of only following them.
  • Proven focus on XSOAR and automation, giving a clear growth path into advanced detection and engineering roles.
  • Broad visibility across endpoint, identity, cloud, email, and network with modern tooling (LogScale, CrowdStrike, Microsoft, Okta).
Skills and experience that will lead to success
  • Minimum 2+ years of experience in a SOC, Cyber Defense Center, MDR, or similar environment (L1-L3) will be preferred
  • Strong understanding of attack techniques, alerting, and MITRE ATT&CK framework
  • Hands-on experience with SIEM platforms such as LogScale, Splunk, Microsoft Sentinel, or Elastic
  • Familiarity with EDR tools (preferably CrowdStrike Falcon)
  • Exposure to SOAR platforms (e.g., XSOAR) and interest in automation
  • Basic scripting experience (Python, PowerShell, or similar) preferred
  • Strong analytical, troubleshooting, and evidence-based decision-making skills
  • Effective written and verbal communication, including incident documentation and handoffs
Preferred Backgrounds
  • SOC Analyst (Tier 1-3)
  • MDR Analyst
  • Incident Response Analyst
  • Threat Detection Analyst
  • Detection Engineer (with SOC experience)
  • Security Operations Engineer
  • Security Content Developer (with SOC exposure)

Education: Bachelor's degree in Computer Science or equivalent years of industry experience.

For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction records in accordance with local Fair Chance ordinances.

Aon is not accepting unsolicited resumes from search firms for this position. If you are a search firm, you will not be compensated in any way for your submission of a candidate, even if Aon hires that candidate.

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

Pay Transparency Laws: The salary range for this position (intended for U.S. applicants) is $90,000 to $106,000 annually. The actual salary will vary based on applicant's education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant's geographic location.

A summary of all the benefits offered for this position:

Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon's discretion; medical, dental and vision insurance. This role does not accrue vacation. Rather, this role is eligible to take paid time off at the discretion of the employee and management in accordance with company policy and practices. Various other types of leaves of absence; paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies.


2579990
Vacancy posted 4 days ago