Senior Security Operations Center (SOC) Analyst
Description
We are seeking a highly skilled and experiencedSenior SOC Analyst to join our Security Operations Center. This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response. The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS. Experience in cloud incident investigations (Azure, AWS, GCP) is essential.
Key Responsibilities:
• Threat Detection & Response
• Monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel.
• Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration.
• Execute containment and remediation strategies for identified threats.
• Threat Hunting & Analysis
• Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence.
• Perform forensic analysis of compromised systems and malware samples.
• Analyze network logs and packet captures to identify anomalies and attacker behavior.
• Cloud Security & Incident Investigations
• Investigate cloud-based incidents across Azure, AWS, and GCP environments.
• Assess cloud logging readiness and ensure audit trails are complete and actionable.
• Collaborate with cloud operations teams to improve detection and response capabilities.
• Process Improvement & Automation
• Develop and refine playbooks, runbooks, and standard operating procedures.
• Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity.
• Participate in red/blue team exercises and contribute to continuous SOC maturity.
• Collaboration & Leadership
• Serve as an escalation point for Tier 1 and Tier 2 analysts.
• Mentor junior SOC staff and contribute to team knowledge sharing.
• Interface with threat intelligence, incident response, and executive stakeholders.
• Protect the security and privacy of Absolute and its customers
• Other duties as assigned by management
Required Qualifications:
• 4-7 years of experience in a SOC or cybersecurity analyst role.
• Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
• Strong understanding of MITRE ATT&CK, malware behaviors, and incident response.
• Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
• Deep knowledge of Windows, Linux, and macOS internals.
• Proficiency in scripting (Python, PowerShell) and log analysis.
• Excellent written and verbal communication skills.
Preferred Certifications:
• CrowdStrike Certified Falcon Responder (CCFR)
• CrowdStrike Certified Falcon Administrator (CCFA)
• GIAC (GCIA, GCIH), CySA+, or equivalent
Education:
• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience.
Apply tot his job
Apply To this Job
We are seeking a highly skilled and experiencedSenior SOC Analyst to join our Security Operations Center. This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response. The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS. Experience in cloud incident investigations (Azure, AWS, GCP) is essential.
Key Responsibilities:
• Threat Detection & Response
• Monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel.
• Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration.
• Execute containment and remediation strategies for identified threats.
• Threat Hunting & Analysis
• Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence.
• Perform forensic analysis of compromised systems and malware samples.
• Analyze network logs and packet captures to identify anomalies and attacker behavior.
• Cloud Security & Incident Investigations
• Investigate cloud-based incidents across Azure, AWS, and GCP environments.
• Assess cloud logging readiness and ensure audit trails are complete and actionable.
• Collaborate with cloud operations teams to improve detection and response capabilities.
• Process Improvement & Automation
• Develop and refine playbooks, runbooks, and standard operating procedures.
• Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity.
• Participate in red/blue team exercises and contribute to continuous SOC maturity.
• Collaboration & Leadership
• Serve as an escalation point for Tier 1 and Tier 2 analysts.
• Mentor junior SOC staff and contribute to team knowledge sharing.
• Interface with threat intelligence, incident response, and executive stakeholders.
• Protect the security and privacy of Absolute and its customers
• Other duties as assigned by management
Required Qualifications:
• 4-7 years of experience in a SOC or cybersecurity analyst role.
• Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
• Strong understanding of MITRE ATT&CK, malware behaviors, and incident response.
• Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
• Deep knowledge of Windows, Linux, and macOS internals.
• Proficiency in scripting (Python, PowerShell) and log analysis.
• Excellent written and verbal communication skills.
Preferred Certifications:
• CrowdStrike Certified Falcon Responder (CCFR)
• CrowdStrike Certified Falcon Administrator (CCFA)
• GIAC (GCIA, GCIH), CySA+, or equivalent
Education:
• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience.
Apply tot his job
Apply To this Job