Security Operations Center analysis * Threat hunting * SIEM rule development * Threat intelligence analysis * Incident response * Detection tuning * Behavioral analytics or UEBA * Cloud, endpoint ...
Security Operations Center analysis * Threat hunting * SIEM rule development * Threat intelligence analysis * Incident response * Detection tuning * Behavioral analytics or UEBA * Cloud, endpoint ...
Security Operations Center analysis * Threat hunting * SIEM rule development * Threat intelligence analysis * Incident response * Detection tuning * Behavioral analytics or UEBA * Cloud, endpoint ...
Security Operations Center analysis * Threat hunting * SIEM rule development * Threat intelligence analysis * Incident response * Detection tuning * Behavioral analytics or UEBA * Cloud, endpoint ...
... and/or data center environment. * Splunk Administration experience: Hands-on platform ... Staff Network Security Operations Analyst Intermediate Professional * Requires expanded ...
... and/or data center environment. * Splunk Administration experience: Hands-on platform ... Staff Network Security Operations Analyst Intermediate Professional * Requires expanded ...
... and/or data center environment. * Splunk Administration experience: Hands-on platform ... Staff Network Security Operations Analyst Intermediate Professional * Requires expanded ...
... and/or data center environment. * Splunk Administration experience: Hands-on platform ... Staff Network Security Operations Analyst Intermediate Professional * Requires expanded ...
... of Security Operations Center staff; systems operation of different types of Security Access ... Ability to analyze, diagnose and resolve system performance problems or outages Demonstrated ...
... of Security Operations Center staff; systems operation of different types of Security Access ... Ability to analyze, diagnose and resolve system performance problems or outages Demonstrated ...
... and analysis of response activities. Job-Specific Minimum Requirements: - Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
... and analysis of response activities. Job-Specific Minimum Requirements: - Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
Security Operations Shift Lead
Eugene, OR · On-site
... and analysis of response activities. Job-Specific Minimum Requirements: - Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
Security Operations Shift Lead
Eugene, OR · On-site
... and analysis of response activities. Job-Specific Minimum Requirements: - Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
Security Operations Shift Lead
Salem, OR · On-site
$60K - $100K/yr
... and analysis of response activities. Job-Specific Minimum Requirements: * Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
Security Operations Shift Lead
Salem, OR · On-site
$60K - $100K/yr
... and analysis of response activities. Job-Specific Minimum Requirements: * Ability to document ... operations, incident response, or enterprise security support roles Preferred Skills and ...
Senior Cyber Threat Analyst
$99K - $128K/yr
Collaborate with cross-functional teams, including SOC (Security Operations Center) analysts, incident responders, and threat intelligence analysts, to prioritize and investigate potential threats.
Senior Cyber Threat Analyst
$99K - $128K/yr
Collaborate with cross-functional teams, including SOC (Security Operations Center) analysts, incident responders, and threat intelligence analysts, to prioritize and investigate potential threats.
Manager, Security Engineering & Operations
OR · On-site +1
Your mission is to lead the talented analysts who defend our environment (Ops) and the expert ... Security Operations: Assist with the team's security operations work load as needed. In addition to ...
Manager, Security Engineering & Operations
OR · On-site +1
Your mission is to lead the talented analysts who defend our environment (Ops) and the expert ... Security Operations: Assist with the team's security operations work load as needed. In addition to ...
OR · On-site
$114K - $156K/yr
We are looking for a Senior Security Operations Engineer passionate about security and automation ... Excellent analytical & time management skills with the ability to work autonomously or ...
As a Data Center Security Specialist you will be tasked with driving operational security ... Use tools to complete tasks such as workflow ticketing and analyze data to track key performance ...
As a Data Center Security Specialist you will be tasked with driving operational security ... Use tools to complete tasks such as workflow ticketing and analyze data to track key performance ...
As a Data Center Security Specialist you will be tasked with driving operational security ... Use tools to complete tasks such as workflow ticketing and analyze data to track key performance ...
As a Data Center Security Specialist you will be tasked with driving operational security ... Use tools to complete tasks such as workflow ticketing and analyze data to track key performance ...
Sr. Analyst, Cyber Threat Intelligence
OR · On-site +1
... Security Operations Center architecture. * Experience with leveraging the MITRE ATT&CK, MITRE ... Are comfortable performing malware analysis, infrastructure analysis, OSINT, and log analysis to ...
Sr. Analyst, Cyber Threat Intelligence
OR · On-site +1
... Security Operations Center architecture. * Experience with leveraging the MITRE ATT&CK, MITRE ... Are comfortable performing malware analysis, infrastructure analysis, OSINT, and log analysis to ...
Sr. Analyst, Cyber Threat Intelligence
OR · On-site
... Security Operations Center architecture. * Experience with leveraging the MITRE ATT&CK, MITRE ... Are comfortable performing malware analysis, infrastructure analysis, OSINT, and log analysis to ...
Sr. Analyst, Cyber Threat Intelligence
OR · On-site
... Security Operations Center architecture. * Experience with leveraging the MITRE ATT&CK, MITRE ... Are comfortable performing malware analysis, infrastructure analysis, OSINT, and log analysis to ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... analysis and troubleshooting or problem solving experience - 2+ years of work in identifying ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... analysis and troubleshooting or problem solving experience - 2+ years of work in identifying ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
... entire security operations center, we will help companies build cyber resilience to grow with ... Provides solutions to complex business problems for area(s) of responsibility where analysis of ...
... entire security operations center, we will help companies build cyber resilience to grow with ... Provides solutions to complex business problems for area(s) of responsibility where analysis of ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global ... As a Data Center Security Specialist (DSS) at an AWS site, you will own the execution of multiple ...
Security Operations Center Analyst information
See Oregon salary details
$18.30 - $23.43
19% of jobs
$24.51 is the 25th percentile. Wages below this are outliers.
$23.43 - $28.56
27% of jobs
$28.56 - $33.69
3% of jobs
The median wage is $33.92 / hr.
$33.69 - $38.82
12% of jobs
$43.18 is the 75th percentile. Wages above this are outliers.
$38.82 - $43.95
16% of jobs
$43.95 - $49.08
6% of jobs
$49.08 - $54.20
3% of jobs
$54.20 - $59.33
4% of jobs
$59.33 - $64.46
1% of jobs
$64.46 - $69.59
2% of jobs
$69.59 - $74.72
5% of jobs
$18
$38
$74
How much do security operations center analyst jobs pay per hour?
What are the key skills and qualifications needed to thrive as a Security Operations Center Analyst, and why are they important?
How much is a SOC analyst paid?
What are the most common challenges Security Operations Center Analysts face during daily operations?
What are Security Operations Center (SOC) Analysts?
What does a security operations center analyst do?
Is SOC analyst still in demand?
What is the difference between Security Operations Center Analyst vs Security Analyst?
| Aspect | Security Operations Center Analyst | Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CEH, CISSP (preferred) | CompTIA Security+, CISSP, CISA (preferred) |
| Work Environment | Monitoring security alerts in a SOC, 24/7 shifts | Analyzing security data, conducting risk assessments |
| Employer & Industry Usage | Primarily in security operations centers, cybersecurity firms | Various industries including finance, healthcare, government |
The Security Operations Center Analyst focuses on real-time monitoring and incident response within a SOC environment, often working in shifts. In contrast, a Security Analyst typically conducts broader security assessments, policy development, and risk analysis across organizations. Both roles require similar certifications and are integral to cybersecurity teams, but their daily tasks and work settings differ.
What Does a Security Operations Center Analyst Do?
A security operations center analyst works on the cybersecurity team at an organization to proactively defend the organization's database, website, servers, and network. In this role you control the security alerts and ensure that each alert is taken care of before the threat of hackers gaining access to your company's information is realized. You may run an investigation if you see similar threats repeatedly to see who is attempting to attack your systems and why. Your other duties may include keeping and analyzing a security log, coordinating with other analysts or security team members, and assessing company vulnerability.
Do SOC analysts get paid well?

Full-time
Posted 10 days ago
Lam Research rating
8.7
Based on 45 frontline employees who took The Breakroom Quiz
46th of 430 rated machine equipment manufacturers
Job description
The Cyber Threat Analytics Analyst is responsible for identifying, developing, and improving the organization's ability to detect malicious behavior, suspicious activity, and security anomalies across the enterprise. This role is part Information Security team focused on bringing detection development, threat analysis operationalization, SIEM correlation, behavioral analytics, and AI-assisted threat detection capabilities into the organization.The analyst will work closely with Security Operations, Incident Response, and Vulnerability Management teams to improve detection coverage, reduce false positives, and identify threats that may bypass traditional controls.
Job Responsibilities
- Develop, test, tune, and maintain SIEM detection rules, log correlation searches, alerts, dashboards, and analytics.
- Translate threat intelligence, adversary tactics, and emerging attack trends into actionable detections.
- Build and improve analytics to identify malicious behavior, compromised accounts, lateral movement, and anomalous activity.
- Use AI-driven analytics, UEBA, and behavioral baselining to identify activity that deviates from normal user, endpoint, network, cloud, and application behavior.
- Map detection content to MITRE ATT&CK tactics and techniques to identify coverage strengths and gaps.
- Partner with SOC analysts to improve alert triage, investigation playbooks, enrichment, and escalation criteria.
- Support Incident Response during active investigations by analyzing logs, identifying patterns, and developing new detections from lessons learned.
- Identify gaps in logging, telemetry, and visibility and recommend improvements to security monitoring coverage.
- Document detection logic, assumptions, data sources, expected behavior, response guidance, and tuning decisions.
- Track detection effectiveness, alert fidelity, false positive rates, detection coverage, and time-to-detect improvements.
Who We're Looking For
We are looking for an analytical and curious cybersecurity professional who enjoys finding patterns in large volumes of security data. The ideal candidate understands how attackers operate, how enterprise systems generate security telemetry, and how to turn threat intelligence into meaningful detections. The right person for this role should be comfortable working across SIEM data, endpoint telemetry, identity logs, cloud activity, email security events, network data, and behavioral analytics platforms. They should be able to think like an attacker, understand normal business behavior, and identify signals that indicate suspicious or malicious activity.
Strong candidates will have experience in one or more of the following areas:
- Security Operations Center analysis
- Threat hunting
- SIEM rule development
- Threat intelligence analysis
- Incident response
- Detection tuning
- Behavioral analytics or UEBA
- Cloud, endpoint, identity, or network security monitoring
Preferred Qualifications
- Experience with SIEM platforms such as Microsoft Sentinel, Splunk, Exabeam, Securonix, or similar tools.
- Experience writing detection queries using KQL, SPL, SQL, or similar query languages.
- Familiarity with Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, Microsoft Sentinel, Entra ID, or similar security platforms.
- Understanding of MITRE ATT&CK and common adversary tactics, techniques, and procedures.
- Experience using threat intelligence to create detections and threat hunting hypotheses.
- Experience with AI-assisted analytics, UEBA, anomaly detection, or behavioral baselining.
- Familiarity with cloud security monitoring across Azure, AWS, or Google Cloud.
- Ability to analyze logs from identity systems, endpoints, firewalls, proxies, email gateways, SaaS applications, and cloud platforms.
- Experience documenting detection logic, investigation steps, and response guidance.
- Scripting or automation experience with Python, PowerShell, Logic Apps, or similar tools.
- Familiarity with MISP, STIX/TAXII, threat intelligence feeds, or indicator management.
- Certifications such as GCIH, GCIA, GCDA, GMON, GCTI, GCFA, Security+, CySA+, CISSP, or equivalent experience.
Our commitment
We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.
Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.
Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely and fall into two categories - On-site Flex and Virtual Flex. 'On-site Flex' you'll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. 'Virtual Flex' you'll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.
Our Perks and Benefits
At Lam, our people make amazing things possible. That's why we invest in you throughout the phases of your life with a comprehensive set of outstanding benefits.
What Lam Research employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Lam Research
Sourced by ZipRecruiter
Lam Research designs and builds products for semiconductor manufacturing, including equipment for thin film deposition, plasma etch, photoresist strip, and wafer cleaning processes.
Industry
Manufacturing
Company size
10,000+ Employees
Headquarters location
Fremont, CA, US
Year founded
1980