Job Closed
This listing is no longer active.
Trusted local advisors enhanced by specialists nationwide. (NYSE: CBZ)
SOC Analyst I
Location
New York
Posted
110 days ago
Salary
$23 - $26 / hour
Seniority
Junior
Job Description
SOC Analyst I
CBIZ
• Monitor and respond to clients through all supported email, messaging, and phone platforms • Proactively monitor security dashboards to detect and respond to emerging threats in real-time • Identify alerts that require additional analysis and facilitate their escalation– internally or externally –for further investigation and resolution • Meet minimum standards of initial triage and analysis before escalating • Understand, identify, and research Indicators of Compromise (IOCs) to support threat detection and incident response efforts • Review and analyze security logs and event data from various sources, such as firewalls, intrusion detection systems, and endpoint security tools to identify potential security incidents • Complete all assigned internal and external reports by their deadlines, or in a timely manner if one is not provided • Receive and perform initial triage of security alerts, assess their severity, and determine appropriate actions for resolution • Contribute to tuning of managed security tools by identifying trends and optimizing alert fidelity • Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques, and apply this knowledge to enhance the SOC's threat detection capabilities • Perform threat hunts to ensure proactive, in-depth client security • Monitor and maintain unassigned and assigned ticket queues, ensuring timely resolution and effective communication with stakeholders • Maintain average ticket processing time checkpoints in accordance with SLA’s - time to acknowledge, time to triage, and time to notify • Completing all assigned training in agreed upon time frames
Job Requirements
- College Degree or equivalent required
- 1 year related experience
- Proficient use of applicable technology
- Ability to follow technical instructions and guidelines
- Ability to document daily activities and system functions
- Able to work in a team environment
- Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
- Ability to travel as required by business and on-call availability
- Able to lift up to 50 lbs.
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
• Oversee and continuously elevate our security posture • Monitor and manage the lifecycle of our security audits, certifications, and internal controls • Own our security whitepapers and related InfoSec collateral • Proactively guide prospects through InfoSec, compliance, and security architecture conversations • Partner closely with Legal and Compliance to ensure alignment on policies • Manage and streamline InfoSec questionnaires • Manage day-to-day security and compliance operations • Work hand-in-hand with Solution Architects and DevOps to translate security requirements
• Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments • Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms • Participate in SOC on-call rotation and serve as escalation point for high-severity incidents • Lead complex investigations across endpoint, cloud, SaaS, and identity environments • Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation • Conduct proactive threat hunting to identify gaps in detection coverage • Drive continuous improvement of playbooks, runbooks, and case management standards • Build custom security tooling to improve alert enrichment, investigation, and response • Develop integrations between security tools and internal systems via APIs • Automate repetitive investigative workflows and containment actions • Improve signal quality and reduce false positives across the stack • Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments • Serve as the technical escalation point for high-severity incidents • Lead complex investigations and root cause analysis • Improve and mature incident response playbooks and processes • Conduct post-incident analysis and drive systemic improvements • Raise the technical bar within the SOC through mentorship and code/detection review • Establish standards for detection quality and investigation rigor • Partner closely with AppSec, Infrastructure Security, IT, and Engineering • Help shape the SOC and detection engineering roadmap
• SIEM Platform Management • Log Source Integration • Content Development and Optimization • Performance Monitoring and Optimization • Documentation and Reporting • Security Incident Response • Client Engagement and Advisory • Collaboration and Support • Continuous Learning and Threat Awareness
• Monitor security events and logs from a variety of systems and networks in Datadog • Identify potential security incidents and threats • Perform analysis and investigations, correlating events and data to detect security incidents • Develop, document, and evolve processes and procedures for responding to security incidents • Provide technical guidance, training, and support to other members of the security team • Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures • Work independently with customers on implementations and remote services • Troubleshoot basic configuration/script issues • Attend requirements review and validation sessions as needed • Utilize strong written and verbal communication skills • Stay on time and on task with assigned customer work
