ZipRecruiter
Security Operations Center (SOC) Analyst
ZipRecruiter, Ebensburg, Pennsylvania, United States, 15931
Job DescriptionJob DescriptionSalary:
Position Overview:
As a SOC Analyst at viLogics, you are a front-line cyber defender operating within the Total Secure Office 365 (TSO 365) frameworkour fully managed cybersecurity and IT services platform. In this MSSP (Managed Security Services Provider) environment, you will work alongside elite engineers to deliver continuous threat detection, incident response, and risk mitigation for our clients, across industries ranging from healthcare and education to manufacturing and state/local government.
This role requires deep analytical skills, collaborative instincts, and operational fluency in cloud, hybrid, and on-prem environments. Analysts must be comfortable supporting viLogics proprietary FastTrack Cybersecurity Model, which includes fully integrated MDR/XDR, SIEM, SASE, PAM, and secure backup platforms.
Core Responsibilities:
Security Monitoring & Threat Detection
Monitor endpoints, servers, SaaS platforms (e.g., M365), and cloud workloads via viLogics integrated MDR/XDR platform.
Analyze events from viLogics' SIEM/SOAR environment and escalate based on criticality and workflows.
Apply threat intelligence feeds, MITRE ATT&CK mapping, and behavioral analytics to detect advanced persistent threats (APTs), ransomware, and zero-day exploits.
Incident Triage & Response
Lead real-time response to Tier 1 and Tier 2 security events using viLogics' TSO toolkits, including playbook-driven SOAR workflows.
Document incident reports with impact assessments and recommended mitigations; coordinate remediation with client IT teams or viLogics Helpdesk.
Participate in post-incident reviews, ensuring lessons learned are documented and improvements applied to IR playbooks.
Operational Excellence & Automation
Tune correlation rules, detection logic, and alert thresholds to align with client risk profiles and compliance requirements (HIPAA, CMMC, PCI, etc.).
Recommend improvements for automated containment workflows (quarantining hosts, revoking credentials, etc.).
Assist with purple team exercises and tabletop simulations facilitated under viLogics cyber readiness engagements.
Client-Facing Collaboration
Participate in monthly client briefings to review detected threats, trends, and security posture improvements.
Translate complex technical findings into executive-level insights during client calls and compliance audits.
Provide risk prioritization to clients leveraging viLogics Cyber Exposure Index and SaaS Alert integrations.
Toolsets Youll Work With:
SIEM/SOAR:
viLogics Internal SIEM/SOAR, Microsoft Sentinel, Splunk, LogRhythm, Cortex XSOAR
EDR/XDR/MDR:
viLogics EDR, SentinelOne, Defender for Endpoint, Huntress, CrowdStrike (client-dependent)
IAM/PAM:
ThreatLocker, Microsoft Entra ID (Azure AD), Duo
Network Security:
DNS Filtering, ZTNA, SASE Netskope, Prisma Access)
Backup & DR:
Veeam, Zerto, Rubrik, Air-Gap Immutable Storage
Compliance Integrations:
CISv8, NIST 800-171, HIPAA, CMMC 2.0, PCI-DSS
Required Qualifications:
13 years in a SOC, MSSP, or threat analyst role
Strong understanding of TCP/IP, DNS, HTTP/S, and log analysis
Familiarity with MITRE ATT&CK, threat intelligence platforms, and TTP correlation
Hands-on experience with at least one SIEM, one EDR/XDR platform, and protection tools
Solid knowledge of Microsoft 365 workloads, including Defender for Office, Teams, OneDrive, and SharePoint
Certifications:
CompTIA Security+ or CySA+
Microsoft SC-200: Security Operations Analyst
GIAC Certified Detection Analyst (GCDA)
EC-Council CSA / CEH
Kaseya One certifications
SentinelOne or CrowdStrike analyst certifications
What Sets This Role Apart at viLogics:
Work inside a
Tier-3 SOC 2 Certified Data Center Help clients qualify for
$1.5M+ in bundled cybersecurity insurance Operate in a
Zero Trust Architecture (ZTA)
environment with integrated SASE, SD-WAN, and PAM Be part of a team that blends
ITIL-based service delivery with cyber warfare-level response protocols
Career Trajectory:
Tier 2 / Tier 3 SOC Analyst
Cyber Threat Hunter
vCISO or Compliance Officer
DFIR Specialist or Security Engineer
TSO 365 Platform Architect
Work Environment:
Fully remote with optional travel to client locations or viLogics Data Centers
Rotational 24/7 coverage schedule with premium for overnight/weekend shifts
Collaborative, fast-paced security operations team focused on measurable impact and client security maturity
Position Overview:
As a SOC Analyst at viLogics, you are a front-line cyber defender operating within the Total Secure Office 365 (TSO 365) frameworkour fully managed cybersecurity and IT services platform. In this MSSP (Managed Security Services Provider) environment, you will work alongside elite engineers to deliver continuous threat detection, incident response, and risk mitigation for our clients, across industries ranging from healthcare and education to manufacturing and state/local government.
This role requires deep analytical skills, collaborative instincts, and operational fluency in cloud, hybrid, and on-prem environments. Analysts must be comfortable supporting viLogics proprietary FastTrack Cybersecurity Model, which includes fully integrated MDR/XDR, SIEM, SASE, PAM, and secure backup platforms.
Core Responsibilities:
Security Monitoring & Threat Detection
Monitor endpoints, servers, SaaS platforms (e.g., M365), and cloud workloads via viLogics integrated MDR/XDR platform.
Analyze events from viLogics' SIEM/SOAR environment and escalate based on criticality and workflows.
Apply threat intelligence feeds, MITRE ATT&CK mapping, and behavioral analytics to detect advanced persistent threats (APTs), ransomware, and zero-day exploits.
Incident Triage & Response
Lead real-time response to Tier 1 and Tier 2 security events using viLogics' TSO toolkits, including playbook-driven SOAR workflows.
Document incident reports with impact assessments and recommended mitigations; coordinate remediation with client IT teams or viLogics Helpdesk.
Participate in post-incident reviews, ensuring lessons learned are documented and improvements applied to IR playbooks.
Operational Excellence & Automation
Tune correlation rules, detection logic, and alert thresholds to align with client risk profiles and compliance requirements (HIPAA, CMMC, PCI, etc.).
Recommend improvements for automated containment workflows (quarantining hosts, revoking credentials, etc.).
Assist with purple team exercises and tabletop simulations facilitated under viLogics cyber readiness engagements.
Client-Facing Collaboration
Participate in monthly client briefings to review detected threats, trends, and security posture improvements.
Translate complex technical findings into executive-level insights during client calls and compliance audits.
Provide risk prioritization to clients leveraging viLogics Cyber Exposure Index and SaaS Alert integrations.
Toolsets Youll Work With:
SIEM/SOAR:
viLogics Internal SIEM/SOAR, Microsoft Sentinel, Splunk, LogRhythm, Cortex XSOAR
EDR/XDR/MDR:
viLogics EDR, SentinelOne, Defender for Endpoint, Huntress, CrowdStrike (client-dependent)
IAM/PAM:
ThreatLocker, Microsoft Entra ID (Azure AD), Duo
Network Security:
DNS Filtering, ZTNA, SASE Netskope, Prisma Access)
Backup & DR:
Veeam, Zerto, Rubrik, Air-Gap Immutable Storage
Compliance Integrations:
CISv8, NIST 800-171, HIPAA, CMMC 2.0, PCI-DSS
Required Qualifications:
13 years in a SOC, MSSP, or threat analyst role
Strong understanding of TCP/IP, DNS, HTTP/S, and log analysis
Familiarity with MITRE ATT&CK, threat intelligence platforms, and TTP correlation
Hands-on experience with at least one SIEM, one EDR/XDR platform, and protection tools
Solid knowledge of Microsoft 365 workloads, including Defender for Office, Teams, OneDrive, and SharePoint
Certifications:
CompTIA Security+ or CySA+
Microsoft SC-200: Security Operations Analyst
GIAC Certified Detection Analyst (GCDA)
EC-Council CSA / CEH
Kaseya One certifications
SentinelOne or CrowdStrike analyst certifications
What Sets This Role Apart at viLogics:
Work inside a
Tier-3 SOC 2 Certified Data Center Help clients qualify for
$1.5M+ in bundled cybersecurity insurance Operate in a
Zero Trust Architecture (ZTA)
environment with integrated SASE, SD-WAN, and PAM Be part of a team that blends
ITIL-based service delivery with cyber warfare-level response protocols
Career Trajectory:
Tier 2 / Tier 3 SOC Analyst
Cyber Threat Hunter
vCISO or Compliance Officer
DFIR Specialist or Security Engineer
TSO 365 Platform Architect
Work Environment:
Fully remote with optional travel to client locations or viLogics Data Centers
Rotational 24/7 coverage schedule with premium for overnight/weekend shifts
Collaborative, fast-paced security operations team focused on measurable impact and client security maturity