Security Operations Center Analyst

• Conduct daily traffic analysis to identify and characterize anomalous activity.
• Perform in-depth system and network forensics to identify and eradicate threats.
• Analyze network traffic to detect anomalies and potential threats to resources.
• Generate incident reports and investigate suspicious network and system activity.
• Perform cyber defense trend analysis and reporting.
• Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
• Reconstruct malicious attacks based on network traffic analysis.
• Proactively identify threats and distribute enterprise-wide alerts.
• Coordinate with cyber defense teams to validate network alerts.
• Provide timely detection and alerting of attacks, intrusions, and misuse activities.
• Monitor software patches and security fixes; test and validate modified systems.
• Conduct security reviews and identify gaps in security architecture.
• Recommend vulnerability remediation and risk mitigation strategies.
• Process, document, and coordinate resolution of cyber incidents.
• Notify stakeholders and incident response teams of suspected cyber incidents.
• Support incident response by communicating event history, status, and impact.
• Provide SOC coverage for swing shifts and weekends (Central AZSOC, North Phoenix).

• Strong end-to-end understanding of IT systems, especially in security contexts.
• Ability to triage security alerts across network, endpoint, logs, and identity systems.
• Experience in incident response and incident management.
• Ability to work under pressure and prioritize effectively.
• Strong attention to detail for handling cyber alerts and incidents.
• Excellent communication and stakeholder management skills.
• Fast learner with strong problem-solving abilities.
• Minimum of 2 years of experience in a security operations environment or related field.

Required Skills

• 2+ years of experience in Security Operations or related field.
• Strong understanding of IT systems with a focus on cybersecurity.