PRI Technology
Overnight Security Operations Center Analyst
Location: Austin, TX
Salary: $84,000.00-$98,000.00
Responsibilities
Provide mentorship and technical oversight to L2 analysts and MSSP‑led supporting staff, reviewing investigations and guiding escalation decisions.
Lead incident response efforts for high‑severity events, coordinating across teams to ensure effective containment and remediation.
Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols.
Participate in hiring, onboarding, and training activities to build a high‑performing SOC team.
Conduct advanced investigations of security alerts and incidents, including malware analysis, lateral movement, and data exfiltration.
Perform threat hunting using hypothesis‑driven approaches and threat intelligence to uncover hidden threats.
Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms.
Analyze attacker TTPs and translate them into actionable detections using frameworks such as MITRE Telecommunication & CK and the Cyber Kill Chain.
Lead forensic investigations, including memory, disk, and network analysis, to support incident response and legal requirements.
Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows.
Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders.
Document investigation findings, incident timelines, and lessons learned in a clear and structured format.
Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements.
Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments.
Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture.
Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start).
Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment.
Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools.
Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective.
Experience with scripting or automation (e.g., Python, PowerShell) is a plus.
Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks.
Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable.
Excellent communication skills, with the ability to convey complex technical issues to both technical and non‑technical audiences.
Senior‑level expertise in leading complex investigations and responding to advanced cyber threats.
Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments.
Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors.
Strong understanding of adversary TTPs and frameworks like MITRE Telecommunication & CK and the Cyber Kill Chain.
Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC.
Experienced in coordinating incident response efforts and communicating findings to stakeholders.
Committed to continuous improvement of SOC processes, playbooks, and detection capabilities.
Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity.
Seniority Level Not Applicable
Employment Type Full‑time
Job Function Information Technology
Industries Manufacturing
#J-18808-Ljbffr
Salary: $84,000.00-$98,000.00
Responsibilities
Provide mentorship and technical oversight to L2 analysts and MSSP‑led supporting staff, reviewing investigations and guiding escalation decisions.
Lead incident response efforts for high‑severity events, coordinating across teams to ensure effective containment and remediation.
Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols.
Participate in hiring, onboarding, and training activities to build a high‑performing SOC team.
Conduct advanced investigations of security alerts and incidents, including malware analysis, lateral movement, and data exfiltration.
Perform threat hunting using hypothesis‑driven approaches and threat intelligence to uncover hidden threats.
Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms.
Analyze attacker TTPs and translate them into actionable detections using frameworks such as MITRE Telecommunication & CK and the Cyber Kill Chain.
Lead forensic investigations, including memory, disk, and network analysis, to support incident response and legal requirements.
Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows.
Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders.
Document investigation findings, incident timelines, and lessons learned in a clear and structured format.
Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements.
Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments.
Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture.
Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start).
Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment.
Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools.
Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective.
Experience with scripting or automation (e.g., Python, PowerShell) is a plus.
Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks.
Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable.
Excellent communication skills, with the ability to convey complex technical issues to both technical and non‑technical audiences.
Senior‑level expertise in leading complex investigations and responding to advanced cyber threats.
Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments.
Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors.
Strong understanding of adversary TTPs and frameworks like MITRE Telecommunication & CK and the Cyber Kill Chain.
Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC.
Experienced in coordinating incident response efforts and communicating findings to stakeholders.
Committed to continuous improvement of SOC processes, playbooks, and detection capabilities.
Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity.
Seniority Level Not Applicable
Employment Type Full‑time
Job Function Information Technology
Industries Manufacturing
#J-18808-Ljbffr