SOC Analyst (Onsite)

We’re looking for a SOC Analyst for an onsite role in Columbia, SC. If you’re looking for a new opportunity, apply today!

 Key Responsibilities:

• Proactively monitor Microsoft Sentinel for potential security incidents and anomalies
• Analyze, validate, and respond to detected security incidents in a timely manner
• Escalate incidents as necessary and provide expert guidance on mitigation strategies
• Develop, refine, and optimize KQL queries for enhanced detection and insights
• Train junior analysts on KQL best practices and its application in Microsoft Sentinel
• Document incidents, actions taken, and lessons learned to support continuous improvement
• Generate reports for management detailing incident trends, stats, and recommendations
• Configure and integrate Microsoft Sentinel with other tools and platforms to enhance visibility and detection capabilities
• Maintain and optimize Microsoft Sentinel connectors, playbooks, and automations
• Stay current with emerging threats, tactics, and vulnerabilities that could impact the organization
• Regularly review and update alerting criteria and playbooks based on evolving threats and business needs
• Participate in tabletop exercises and red/blue team simulations to enhance response capabilities

 Skills & Qualifications:

• Must be able to work on a W-2
• 3 years of experience as a SOC analyst
• 2 years of hands-on experience with Microsoft Sentinel
• Proficient in Kusto Query Language (KQL)
• Familiarity with Microsoft Sentinel’s architecture, functionalities, and integration capabilities
• Understanding of threat intelligence platforms and their integration with Microsoft Sentinel

Education/Certifications:

• Microsoft Security Operations Analyst certification

Location: Onsite role in Columbia, SC

This job is primarily an onsite role. You will be required to work at an onsite location. This position may allow up to 60% remote work.

23-00630, SOC Analyst

AAP, EEO