SOC Analyst

4+ years in SOC operations, cybersecurity, or incident response. Strong knowledge of EDR, SIEM, SOAR, NDR, FIM, and Antivirus/NGAV platforms. Experience in writing playbooks, automating responses, and tuning detection logic. Familiarity with incident handling frameworks, threat hunting, and digital forensics. Knowledge of MITRE ATT&CK, Cyber Kill Chain, NIST IR, ISO 27001. Experience creating and maintaining incident response playbooks and runbooks. Ability to perform threat hunting and deep-dive investigation using EDR, NDR, and SIEM telemetry. Knowledge of security automation, cloud-native security, and network forensics. Strong communication and documentation skills.

Monitor and analyze security alerts from SIEM, EDR, NDR, FIM, and Antivirus platforms. Execute incident response lifecycle activities including triage, containment, eradication, and recovery. Develop, maintain, and enhance incident response playbooks and runbooks. Conduct regular vulnerability assessments and coordinate with IT teams for remediation. Manage and optimize EDR, SIEM, SOAR, FIM, NDR, and Antivirus tools. Monitor File Integrity Monitoring (FIM) systems and analyze/respond to Antivirus/NGAV alerts. Leverage NDR tools to identify lateral movement, C2 traffic, and exfiltration attempts. Generate detailed reports and dashboards highlighting incident metrics, trends, and SOC performance.