Actively monitor SIEM, IDS/IPS, EDR, firewalls, and other security systems for suspicious activity
Triage and analyze security alerts, identifying true threats vs. false positives
Support incident response activities including triage, containment, eradication, and recovery
Analyze security logs and correlate events across multiple sources
Integrate threat intelligence into monitoring workflows and incident investigations
Document incident details, timelines, and actions taken
Assist in tuning, configuring, and maintaining security tools
Support compliance initiatives aligned to NIST, FISMA, and internal policies
Collaborate with SOC team members, incident responders, and IT operations
Maintain awareness of emerging cyber threats, vulnerabilities, and security practices

Requirements

Bachelor’s degree in computer science, information technology, cybersecurity, or equivalent experience
Proven experience working in a SOC or similar cybersecurity environment
Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.)
Proficiency using SIEM tools, especially Splunk
Familiarity with IDS/IPS, EDR, and other security platforms (Snort, Suricata, CrowdStrike, SentinelOne)
Basic to intermediate scripting skills (Python, Bash) for automation and analysis
Strong analytical and problem‑solving skills
Excellent communication and teamwork abilities
Ability to operate in a fast‑paced 24/7 SOC environment
Knowledge of common operating systems (Windows, Linux, macOS)
Understanding of cloud security concepts

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEMIDSIPSEDRnetworking conceptsTCP/IPDNSHTTPscripting (Python, Bash)cloud security

Soft Skills

analytical skillsproblem-solving skillscommunication abilitiesteamwork abilities