Secure Technology Integration Group
Senior SOC Analyst/Engineer (Tier 3)
Secure Technology Integration Group, New York, New York, US, 10261
Salary Range: $110,000 - $125,000
STIGroup’s Managed Security Operations (MSO) team provides cybersecurity monitoring, detection, and incident response to organizations that rely on us to protect their most critical assets. We combine cutting‑edge tools with a collaborative, client‑focused culture to deliver trusted managed security services — and now we’re looking for a Tier 3 Senior SOC Analyst/Engineer to join us.
This role blends advanced incident response with SOC engineering. You’ll lead high‑severity investigations, mentor junior analysts, and improve our detection pipelines through SIEM tuning, SOAR playbook development, and log source onboarding. It’s the ideal role for someone who thrives on dissecting attacker TTPs while also building the systems that stop them.
Please note: STIGroup is unable to offer employment sponsorship. Candidates must be eligible to work in the United States.
What You’ll Do
Incident Response & Threat Detection
Lead incident response investigations of complex incidents across Windows, Linux, and Mac environments.
Perform root cause analysis to uncover persistence mechanisms, lateral movement, and attacker TTPs.
Conduct malware triage and analysis (static and dynamic).
Review forensic artifacts such as memory, event logs, and registry hives.
Develop and tune detection logic within SIEM platforms.
Guide containment and remediation alongside engineering teams.
Provide mentorship to Tier 1 and Tier 2 analysts, review escalations, and refine workflows.
Contribute to automation improvements (e.g., SOAR).
Produce incident reports and communicate findings to stakeholders and clients.
SOC Engineering & Tooling
Architect, maintain, and optimize SOC platforms (SIEM, EDR, vulnerability scanners, SOAR).
Onboard new customers and integrate log sources into the SOC environment.
Design, build, and deploy SOAR playbooks for triage and automated response.
Improve detection engineering pipelines and troubleshoot ingestion gaps.
Maintain infrastructure documentation and detection repositories.
Drive automation and process improvements using scripting (Python, PowerShell, APIs).
What You'll Bring
4+ years in SOC analysis, incident response, or security engineering.
Strong experience leading escalated incident response.
Hands‑on experience with leading SIEM and EDR platforms.
Proficiency in malware analysis, network forensics, and detection engineering.
Familiarity with MITRE ATT&CK and attacker tradecraft.
Experience with forensic analysis tools and methodologies.
Strong scripting and automation skills (Python, PowerShell, APIs).
Excellent communication skills, including customer‑facing reporting.
Proven ability to mentor, collaborate, and peer review.
Adaptability in a fast‑paced, fully remote environment.
Commitment to continuous learning and staying ahead of cyber threats.
Culture & Team
We’re a remote‑first SOC that values collaboration, knowledge sharing, and continuous improvement. Our analysts are encouraged to experiment, mentor, and bring new detection ideas to the table. You won’t be siloed. You’ll be working directly with engineering, leadership, and clients to make a visible impact.
Benefits
Comprehensive medical, dental, and vision coverage
401(k) with company match
Certification reimbursement and continuous training opportunities
Flexible PTO and paid holidays
Remote‑first role with core collaboration hours in EST
Opportunities to lead initiatives and directly shape SOC operations
Our Tools & Platforms
You’ll work with leading SIEM and EDR platforms, next‑generation SOAR technology, and industry‑standard vulnerability management and network security tools. Our environment blends enterprise‑grade solutions with cutting‑edge automation, giving you the opportunity to influence how we detect and respond to threats.