Job Description

Job Description: SOC Analyst

Role: Security Operations Center (SOC) Analyst

Experience: 5 8 Years

Role Overview

Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff . This role focuses on real-time monitoring, triage, and response to security alerts across endpoint protection, phishing incidents, and email security tools.

Primary responsibility includes working with:

• SentinelOne (EDR/XDR alerts)
• Microsoft Defender (Email, Endpoint, Identity alerts)
• Phishing reports from end-users

Key Responsibilities

1. Security Alert Monitoring & Triage

• Monitor and triage alerts from:
  • SentinelOne (malware, suspicious activity, behavioral alerts)
  • Microsoft Defender (Defender for Endpoint, Defender for Office 365)
• Perform initial investigation and classification :
  • True Positive / False Positive
  • Severity and impact assessment
• Escalate complex incidents to internal teams

2. Phishing Incident Response

• Analyze phishing reports submitted by users:
  • Email headers, URLs, attachments
• Take appropriate response actions:
  • Block sender/domain
  • Quarantine emails
  • Trigger user awareness notifications
• Coordinate with email security policies in Defender

3. Incident Response

Focus

• Alert triage and ticket creation
• Basic containment actions (isolate endpoint, block indicators)
• Run predefined playbooks
• Deep-dive investigation of incidents
• Endpoint forensics (via SentinelOne)
• Correlate alerts across tools
• Execute remediation actions (kill processes, isolate machines)

4. Ticketing & Documentation

• Create and update incident tickets (ServiceNow/JIRA or equivalent)
• Maintain clear investigation notes and evidence
• Ensure SLA adherence for response and resolution

5. Threat Detection & Improvement

• Identify recurring patterns and suggest tuning
• Reduce false positives via rule optimization
• Contribute to improving SOC playbooks and runbooks

Required Skills & Qualifications

Core Technical Skills

• Hands-on experience with:
  • SentinelOne (EDR/XDR investigation)
  • Microsoft Defender (Endpoint + Email Security)
• Strong understanding of:
  • Phishing detection and analysis
  • Malware behavior and indicators of compromise (IOCs)
  • Email security (SPF, DKIM, DMARC basics)
• Familiarity with SIEM/SOAR tools (nice to have)

Preferred Skills

• Experience with:
  • Microsoft Defender for Office 365
  • Threat Intelligence platforms
• Basic scripting (PowerShell/Python) for investigation
• Understanding of MITRE ATT&CK framework

Soft Skills

• Strong analytical thinking
• Clear communication (written & verbal)
• Ability to work in fast-paced SOC environment
• High attention to detail

Certifications (Preferred)

• Security+
• CySA+ / CEH
• Microsoft Security Operations Analyst (SC-200)

Note: Momento USA is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Tags

Similar Jobs