SOC Analyst

Momento USA LLC
Dallas, United States of America
15 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$100K

Job location

Dallas, United States of America

Tech stack

JIRA
Computer Security
DomainKeys Identified Mail (DKIM)
Domain-based Message Authentication, Reporting and Conformance (DMARC)
Intrusion Detection and Prevention
Python
Microsoft Office
PowerShell
Phishing
Security Information and Event Management (SIEM)
Endpoint Security
Scripting (Bash/Python/Go/Ruby)
MITRE ATT&CK
Malware
Cyber Threat Analysis
Sender Policy Framework (SPF)
SentinelOne Expertise
ServiceNow

Job description

Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff. The role focuses on real-time monitoring, triage and response to security alerts across endpoint protection, phishing incidents and email security tools. Primary responsibility includes working with:

  • SentinelOne (EDR/XDR alerts)
  • Microsoft Defender (Email, Endpoint and Identity alerts)
  • Phishing reports from end-users

  1. Security Alert Monitoring & Triage
     • Monitor and triage alerts from:
       • SentinelOne (malware, suspicious activity, behavioral alerts)
       • Microsoft Defender (Defender for Endpoint, Defender for Office 365)
     • Perform initial investigation and classification:
       • True positive / false positive
       • Severity and impact assessment
     • Escalate complex incidents to internal teams

  2. Phishing Incident Response
     • Analyze phishing reports submitted by users: email headers, URLs, attachments
     • Take appropriate response actions:
       • Block sender/domain
       • Quarantine emails
       • Trigger user awareness notifications
     • Coordinate with email security policies in Defender

  3. Incident Response
     • Alert triage and ticket creation
     • Basic containment actions (isolate endpoint, block indicators)
     • Run predefined playbooks
     • Deep-dive investigation of incidents
     • Endpoint forensics (via SentinelOne)
     • Correlate alerts across tools
     • Execute remediation actions (kill processes, isolate machines)

  4. Ticketing & Documentation
     • Create and update incident tickets (ServiceNow/JIRA or equivalent)
     • Maintain clear investigation notes and evidence
     • Ensure SLA adherence for response and resolution

  5. Threat Detection & Improvement
     • Identify recurring patterns and suggest tuning
     • Reduce false positives via rule optimization
     • Contribute to improving SOC playbooks and runbooks
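The phishing triage step above (headers, URLs, attachments, SPF/DKIM/DMARC) is the part of the role most easily shown in code. The following is an added example written for this page, not code from Momento USA or from any product named in the posting. It takes a raw message a user reported, reads the receiving server's Authentication-Results header for the SPF/DKIM/DMARC verdicts, checks that the visible From: domain aligns with the envelope sender and the DKIM signing domain, flags URLs whose host merely begins with the From: domain (a lookalike subdomain), and hashes attachments so the IOCs can go straight into the ticket. The sample message, every domain in it, and the two-label "organizational domain" shortcut are constructed assumptions for the example.

```python
"""Phishing report triage helper (added example; not from the job posting)."""
import email
import hashlib
import json
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# method=result pairs as written by the receiving MTA in Authentication-Results
AUTH_RE = re.compile(
    r"\b(spf|dkim|dmarc)=(pass|fail|softfail|none|neutral|temperror|permerror)\b", re.I
)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def domain_of(addr):
    """Lower-cased domain of an address header value ('' if none)."""
    return parseaddr(str(addr or ""))[1].rpartition("@")[2].lower()


def org_domain(host):
    """Naive organizational domain (last two labels) for relaxed alignment.
    Real DMARC uses the Public Suffix List; this shortcut is an assumption."""
    return ".".join(host.split(".")[-2:])


def auth_results(msg):
    """method -> result, collected from every Authentication-Results header."""
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for method, result in AUTH_RE.findall(str(hdr)):
            verdicts[method.lower()] = result.lower()
    return verdicts


def dkim_domain(msg):
    """The d= tag of the DKIM-Signature header, or '' when unsigned."""
    m = re.search(r"\bd=([^;\s]+)", str(msg.get("DKIM-Signature", "")))
    return m.group(1).lower() if m else ""


def triage(raw):
    """Return verdicts, IOCs and findings for one reported message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    from_dom = domain_of(msg.get("From"))
    env_dom = domain_of(msg.get("Return-Path"))   # SPF is evaluated on this
    sig_dom = dkim_domain(msg)
    verdicts = auth_results(msg)
    findings = []

    for method in ("spf", "dkim", "dmarc"):
        if verdicts.get(method) != "pass":
            findings.append(f"{method}={verdicts.get(method, 'missing')}")
    # DMARC passes only if SPF or DKIM passes AND its domain aligns with From:
    if env_dom and org_domain(env_dom) != org_domain(from_dom):
        findings.append(f"spf-unaligned: From={from_dom} Return-Path={env_dom}")
    if sig_dom and org_domain(sig_dom) != org_domain(from_dom):
        findings.append(f"dkim-unaligned: From={from_dom} d={sig_dom}")

    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    urls = sorted(set(URL_RE.findall(text)))
    for url in urls:
        host = (urlparse(url).hostname or "").lower()
        # e.g. contoso.com.evil.example shows the trusted name as a subdomain
        if host != from_dom and host.startswith(from_dom + "."):
            findings.append(f"lookalike-url: {host}")

    attachments = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        attachments.append({"filename": part.get_filename(),
                            "sha256": hashlib.sha256(data).hexdigest(),
                            "size": len(data)})

    return {"from_domain": from_dom, "verdicts": verdicts, "urls": urls,
            "attachments": attachments, "findings": findings,
            "classification": "suspicious" if findings else "no-auth-findings"}


# Constructed sample report: spoofed From:, relay in a different domain, no DKIM.
SAMPLE_REPORT = b"""Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.com;
 spf=softfail smtp.mailfrom=mail-relay.example.net;
 dkim=none;
 dmarc=fail header.from=contoso-example.com
From: "IT Support" <it-support@contoso-example.com>
To: analyst@example.com
Subject: Password expires today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

Reset your password within 24 hours:
http://contoso-example.com.login-portal.example/reset?u=analyst

--b1
Content-Type: text/html; name="reset.html"
Content-Disposition: attachment; filename="reset.html"

<html><body><script>location='http://login-portal.example/x'</script></body></html>
--b1--
"""

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_REPORT), indent=2))
```

Run it on a saved .eml with `triage(open(path, "rb").read())`. The verdicts come from the receiving server's own header, so the check only means something if your gateway is known to stamp Authentication-Results and strip any copy the sender supplied; otherwise an attacker can forge a clean one.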

Requirements

  • SentinelOne (EDR/XDR investigation)
  • Microsoft Defender (Endpoint + Email Security)
  • Strong understanding of:
    • Phishing detection and analysis
    • Malware behavior and indicators of compromise (IOCs)
    • Email security (SPF, DKIM, DMARC basics)
  • Familiarity with SIEM/SOAR tools (nice to have)

Preferred Skills

  • Experience with:
    • Microsoft Defender for Office 365
    • Threat intelligence platforms
    • Basic scripting (PowerShell/Python) for investigation
  • Understanding of the MITRE ATT&CK framework

Soft Skills

  • Strong analytical thinking
  • Clear communication (written & verbal)
  • Ability to work in fast-paced SOC environment
  • High attention to detail

Certifications (Preferred)

  • Security+
  • CySA+ / CEH
  • Microsoft Security Operations Analyst (SC-200)

Benefits & conditions

  • $70,000-100,000 per year
