Senior SOC Analyst

Saffire, LLC

full-time

Posted on: 12/20/2025

Location Type: Hybrid

Location: Frisco • Pennsylvania, Texas • 🇺🇸 United States

✨ AI Apply

Senior

Python

About the role

Build and operationalize SOC playbooks and escalation workflows.
Lead alert triage, enrichment, and false-positive suppression.
Author detection requirements; write and tune SIEM rules.
Develop hunt hypotheses; lead hunt programs using advanced telemetry and signals intelligence.
Design detection strategies across the kill chain; drive enterprise detection strategy.
Execute incidents end-to-end: containment/eradication, documentation, and communication.
Conduct post-incident reviews and drive remediation and control improvements.
Encourage industry collaboration; embed resilient detection engineering practices.
Advocate and implement automation-first incident response.

Proven experience in a SOC or equivalent detection & response function.
3-5 years in Security Operations, Detection & Response, or Incident Handling (SOC experience required).
Hands-on experience with SIEM (e.g., SecOps, Sentinel, QRadar), EDR (e.g., CrowdStrike, Defender, SentinelOne), and SOAR platforms.
Proficient in authoring detections, rule tuning, enrichment pipelines, and alert routing.
Demonstrated capability in building and executing IR playbooks and containment/eradication plans.
Experience conducting post-incident reviews and RCAs, and delivering corrective action plans to engineering teams.
Scripting skills (Python/PowerShell/Bash) for automation, enrichment, and data wrangling.
Excellent written communication for case documentation and executive-ready incident summaries.

Benefits

Tip: use these terms in your resume and cover letter to boost ATS matches.

SIEMEDRSOARscriptingPythonPowerShellBashincident responsedetection engineeringalert routing

written communicationcollaborationleadershipdocumentationproblem-solvinganalytical thinkingcommunicationteamworkadaptabilitycritical thinking