Security Operations Center (SOC) Analyst

Who You’ll Work With

We are seeking a highly motivated and proactive Security Operations Center (SOC) Analyst to join our dynamic, remote cybersecurity team. The ideal candidate is a critical thinker, self-starter, and driven professional with hands-on experience using Crowdstrike or other EDRs. You will play a critical role in monitoring, triaging, and responding to cyber threats across our primarily Mac and Linux environments, with some Windows systems. You will work closely with a collaborative team of fellow SOC analysts, incident responders, threat hunters, and cross-functional partners across IT, engineering, and DevOps to ensure our security posture remains strong. We’re looking for someone who takes ownership, excels in high-pressure settings, and is skilled in writing CrowdStrike Query Language (CQL) (or similar) to create effective detections that protect our organization’s assets.

What You’ll Do

• Monitor and triage security alerts.
• Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems.
• Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities.
• Perform proactive threat hunting using the SIEM and EDR features.
• Investigate and respond to incidents swiftly, following established incident response protocols.
• Document findings clearly and provide actionable remediation recommendations.
• Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities.
• Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning.
• Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability.
• Escalate confirmed or suspicious incidents and cases to the Incident Response team.