Top Stack
Security Operations Center (SOC) Analyst – Incident Response
Top Stack, King of Prussia, Pennsylvania, United States
Overview
We are seeking a skilled SOC Analyst to join our team, responsible for the identification, triage, and response to security events and incidents. You will work with advanced security tools to analyze and investigate suspicious activities across multiple operating systems, proactively hunt threats, and help maintain our overall cyber resilience.

Key Responsibilities
- Monitor, correlate, and perform initial triage of security events and alerts to assess scope, urgency, and potential impact.
- Document and manage incidents from detection to resolution, ensuring detailed and accurate reporting.
- Conduct host-based forensic analysis across Windows, Linux, and macOS environments to detect suspicious or malicious activity.
- Maintain expertise in operating system internals and artifacts to support ongoing investigations.
- Analyze various data sources to identify and assess past or ongoing security threats.
- Provide after-hours on-call support (including weekends) as part of a rotational schedule for critical incident response.
- Execute threat hunting activities to proactively identify undetected threats and inform security tool improvements.
- Build and optimize SIEM dashboards to highlight incidents and monitor activity effectively.
- Tune and maintain security policies and configurations across tools like EDR, IPS, and content filters to minimize false positives and improve detection accuracy.

What We’re Looking For
- 3–5 plus years of experience in security operations, incident response, vulnerability management, intrusion detection, or related areas.
- 3–5 plus years of experience with Splunk, Linux, and Windows analysis.
- Hands-on experience with EDR/XDR technologies and/or open-source DFIR tools (e.g., KAPE, Plaso/Log2Timeline, Autopsy).
- Strong understanding of Windows and Linux operating systems, including forensic artifacts and investigation techniques.
- Proficiency in analyzing logs, events, and other telemetry from various enterprise data sources.
- Experience creating SIEM dashboards and tuning security tools to enhance detection and reduce alert fatigue.
- Bachelor’s degree in a related field or equivalent work experience.

Seniority level: Associate
Employment type: Full-time
Job function: Information Technology
Industries: Hospitals and Health Care; Insurance; Financial Services
Location: Philadelphia, PA
Salary: $125,000.00-$175,000.00