About the position

We are seeking a highly experienced Level 3 SOC Analyst to join our IT Security Operations team. This is a 100% remote role, supporting Arizona hours, specifically the 3rd shift from 8 PM to 6 AM. The ideal candidate will have a strong background in Security Operations Centers (SOC) and incident response, with specific expertise in using Splunk for monitoring and investigations. In this role, you will be responsible for monitoring and responding to security events in a Splunk Security Information and Event Management (SIEM) environment. You will investigate and respond to proxy logs, suspicious emails, network traffic, and other potential security threats. Conducting thorough investigations of incidents including phishing attempts, unauthorized software, suspicious processes, and policy violations will be a key part of your responsibilities. You will collaborate with a team of analysts to ensure effective response and mitigation of security incidents. Additionally, you will play a key role in maturing SOC operations, including detection capabilities, Standard Operating Procedures (SOPs), and alerting structures. Identifying and implementing process improvement opportunities to enhance the overall security posture will be essential. You will also assist in training and mentoring junior analysts, sharing knowledge and best practices to foster a collaborative and supportive team environment.

Responsibilities • Monitor and respond to security events in a Splunk SIEM environment. , • Investigate and respond to proxy logs, suspicious emails, network traffic, and other potential security threats. , • Conduct thorough investigations of incidents including phishing attempts, unauthorized software, suspicious processes, and policy violations. , • Collaborate with a team of analysts to ensure effective response and mitigation of security incidents. , • Play a key role in maturing SOC operations, including detection capabilities, SOPs, and alerting structures. , • Identify and implement process improvement opportunities to enhance overall security posture. , • Assist in training and mentoring junior analysts, sharing knowledge and best practices.

Requirements • 4+ years of experience working in a Security Operations Center (SOC). , • 2+ years of experience in Cyber Incident Response Team (CIRT) operations. , • Hands-on experience with Splunk, including navigating events and actioning requests. , • Proficiency in responding to proxy logs and investigating suspicious emails. , • Strong analytical and problem-solving skills with attention to detail.

Nice-to-haves • Relevant security certifications such as Security+ (SEC+). , • Experience in Blue Team hacking and proactive defense strategies.

Benefits Apply Job!