Security Operations Center Analyst

Job Description:Key ResponsibilitiesLeadership & Operations• Oversee daily SOC operations, including shift coverage, alert ticketing system, vulnerability scanning, and incident response.• Lead, mentor, and develop SOC analysts; provide coaching, feedback, and escalation support.• Manage SOC workflows, performance metrics, and service delivery KPIs.• Serve as the escalation point for critical incidents and coordinate cross-functional response.• Manage vulnerability program to identify and remediate vulnerabilities across the technology stack. Technical & Incident Response• Guide analysts through investigation, containment, and remediation activities.• Ensure consistent use of SIEM, EDR, SOAR, and threat intelligence tools (e.g., Sumo Logic, Defender, Microsoft 365).• Refine detection rules, playbooks, and response procedures.• Conduct threat intelligence and vulnerability management. Compliance & Audit Readiness• Execute and maintain security and compliance monitoring and audit functions.• Support internal and client audits aligned with NIST 800-171, CMMC, and other standards.• Own audit and control functions, ensuring separation of duties and documentation integrity.• Support Client audits by providing artifacts and being interviewed.• Maintain audit documentation suite and work with Clients to customize to their needs. Stakeholder Engagement• Communicate incident details and SOC updates to internal and external stakeholders.• Support onboarding of new SOC clients, including tuning and baselining.• Collaborate with support and development teams to support broader security initiatives. Program & Process Improvement• Identify opportunities to improve SOC effectiveness, automation, and efficiency.• Contribute to service maturity, including documentation, KPIs, and operational standards.• Conduct disaster recovery and incident response drills. Required Qualifications• Bachelor's Degree• Eligible for a tier three security clearance• 3–5+ years of leadership experience, including people management.• Strong understanding of SIEM/EDR technologies, detection logic, and investigative methodologies.• Experience with regulated environments (e.g., DoD, DFARS/CMMC, NIST 800-171).• Hands-on experience with log aggregation, malware analysis, incident response and DevOps environments. Preferred Skills & Certifications• Experience with Sumo Logic and Microsoft 365.• Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CCA, CCP• Familiarity with MDR/SOC service environments and client onboarding.