Vivid Resourcing
Security Operations Center (SOC) Analyst (Tier 3)
Role Overview
The SOC Analyst will provide continuous monitoring, analysis, and response to security incidents affecting client networks, systems, and applications. Depending on Tier level, the analyst will triage alerts, investigate threats, escalate incidents, and support containment and remediation activities.
Key Responsibilities
Monitoring & Triage
Monitor SIEM and security event dashboards for alerts and anomalies.
Perform initial triage of alerts to determine false positives vs. real threats.
Document all incidents, actions taken, and escalate per playbook.
Conduct deeper analysis of suspicious activities, malware, and intrusions.
Perform log correlation across multiple sources (firewalls, IDS/IPS, endpoints, cloud services).
Provide recommendations for improving detection rules.
Incident Management & Reporting
Escalate validated incidents to Tier 3 or the Incident Response team.
Lead investigation and containment of high-severity security incidents.
Conduct forensic analysis on compromised endpoints or networks.
Engage in proactive threat hunting and detection engineering.
Produce incident reports, root cause analysis, and remediation guidance.
Maintain incident and alert logs accurately.
Deliver daily/weekly SOC activity reports.
Deliver post-incident reports with findings, recommendations, and lessons learned.
Provide continuous improvement input into SOC processes and playbooks.
Required Skills & Qualifications
Proven experience in security monitoring or incident response (Tier level based on experience). Strong knowledge of SIEM platforms (e.g., Splunk, QRadar, Sentinel). Familiarity with IDS/IPS, firewalls, endpoint protection, and log analysis tools. Understanding of threat vectors, malware, phishing, and common attack techniques (MITRE ATT&CK framework). Certifications preferred: CompTIA Security+, CySA+, CEH, GCIA, GCIH, CISSP (for higher tiers).
Engagement Terms
Duration: 6-month contract with possible extension
Job Details
Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: Technology, Information and Media and Information Services