SOC Analyst 1

The SOC Analyst I is responsible for supporting day-to-day security operations by monitoring, analyzing, and responding to security events and incidents. This role works closely with other security team members to improve threat visibility, detect and prevent malicious activity, and protect organizational data, systems, and intellectual property., * Investigate and analyze escalated security incidents, including malware, phishing, insider threats, and advanced threats.

• Support and participate in incident response activities across all phases of the incident lifecycle.
• Utilize SIEM, UEBA, and related security tools to analyze logs, correlate events, and identify suspicious activity.
• Conduct proactive threat hunting by identifying indicators of compromise and abnormal behavior patterns.
• Collaborate with security engineering teams to tune and optimize detection tools to improve effectiveness and reduce false positives.
• Perform forensic analysis to determine scope, impact, and root cause of security incidents.
• Partner with governance, risk, and compliance teams to prioritize and track remediation of identified vulnerabilities.
• Develop clear and detailed incident reports with analysis and recommendations.
• Contribute to incident response playbooks, processes, and security documentation.
• Collaborate with and support other SOC analysts through knowledge sharing and operational coordination.
• Identify opportunities to improve security monitoring, response processes, and overall security posture.

• 2-6 years of experience in security operations, incident response, SOC analysis, or related cybersecurity roles.
• Hands-on experience with SIEM and security analytics platforms.
• Ability to analyze complex security events and correlate multiple data sources.
• Working knowledge of threat detection, incident response, and security monitoring practices.
• Strong analytical, investigative, and documentation skills., * Experience with security platforms such as Securonix, DLP solutions, EDR, and SOAR technologies.
• Scripting or automation experience (e.g., Python).
• Industry certifications such as Security+, GSEC, CySA+, or equivalent.
• Experience contributing to continuous improvement within a security operations environment., Candidates must be legally authorized to work in the United States. Employment eligibility verification will be required at the time of hire.

Cognizant is one of the world's leading professional services companies, helping organizations modernize technology, strengthen security posture, and protect critical information assets. Cognizant supports secure, resilient, and compliant operations across complex and regulated environments., We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role's business requirements, this is a hybrid position requiring 3 days a week in our office in Blue Ash, Ohio. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs. The working arrangements for this role are accurate as of the date of posting. This may change based on the project you're engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations. We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.