1

Security Operations Center Jobs in Raleigh, NC (NOW HIRING)

SOC Engineer

Raleigh, NC · On-site

$110K - $135K/yr

The SOC Engineer will be working in a security operations center leveraging SOC tools, communicating incidents / threats and assisting with response. The SOC Engineer role is a hybrid position ...

Security Operations Management: Lead and manage the Security Operations Center (SOC) team responsible for monitoring, detecting, and responding to security incidents and threats. Establish incident ...

GSOC Operator

Holly Springs, NC

$15.25 - $20.50/hr

The Global Security Operations Center (GSOC) Operator, under guidance of GSOC Supervisor, is responsible for assisting company personnel in all concerns that pertain to safety and security for ...

GSOC Operator

Holly Springs, NC · On-site

$15.25 - $20.50/hr

The Global Security Operations Center (GSOC) Operator, under guidance of GSOC Supervisor, is responsible for assisting company personnel in all concerns that pertain to safety and security for ...

next page

Showing results 1-20

Security Operations Center information

See Raleigh, NC salary details

$7

$19

$27

How much do security operations center jobs pay per hour?

As of Jul 10, 2026, the average hourly pay for security operations center in Raleigh, NC is $19.27, according to ZipRecruiter salary data. Most workers in this role earn between $16.83 and $20.82 per hour, depending on experience, location, and employer.

What is a Security Operations Center job?

A Security Operations Center (SOC) job involves monitoring, detecting, analyzing, and responding to cybersecurity threats in real time. SOC analysts use various security tools to identify suspicious activities, mitigate risks, and protect an organization's digital assets. They work in a team environment, following incident response protocols to contain threats and prevent breaches. SOC professionals also conduct vulnerability assessments, generate reports, and collaborate with other IT teams to strengthen security defenses. The role requires knowledge of cybersecurity principles, threat intelligence, and security technologies.

What are the key skills and qualifications needed to thrive in the Security Operations Center position, and why are they important?

To thrive in a Security Operations Center, you need strong analytical abilities, a solid understanding of cybersecurity principles, and typically a degree in computer science or a related field. Familiarity with SIEM (Security Information and Event Management) tools, intrusion detection/prevention systems, and certifications like CompTIA Security+, CISSP, or CEH are highly valued. Attention to detail, effective communication, and the ability to remain calm under pressure are crucial soft skills. These competencies enable professionals to quickly detect, analyze, and mitigate security threats while collaborating efficiently with IT and management teams.

What is the highest paying security job?

The highest paying security jobs are often senior roles such as Security Director, Chief Information Security Officer (CISO), or Security Architect, with salaries reaching six figures or more. These positions typically require extensive experience, advanced certifications like CISSP or CISM, and strong leadership skills in managing security strategies and teams.

What does a security operations center do?

A Security Operations Center (SOC) monitors and analyzes an organization’s security posture using tools like intrusion detection systems and security information and event management (SIEM) platforms. SOC analysts detect, respond to, and mitigate cybersecurity threats and incidents to protect critical systems and data around the clock.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role can be entry level, especially for those with basic cybersecurity knowledge, certifications like CompTIA Security+ or Cisco's CCNA, and strong analytical skills. However, many SOC positions require some prior experience or technical training, and advancement often involves gaining experience and additional certifications.

Is SOC analyst a high paying job?

A SOC analyst typically earns a competitive salary that varies by experience, location, and employer. Entry-level positions may start lower, but experienced analysts with certifications like CISSP or CEH can earn higher salaries, making it a financially rewarding cybersecurity role.

What does a typical workday look like for someone in a Security Operations Center (SOC) role?

A typical day in a Security Operations Center involves monitoring network activity for suspicious behavior, responding to real-time security incidents, and conducting daily threat analysis using specialized software. SOC professionals often work in shifts within a collaborative, fast-paced team environment where quick decision-making and constant vigilance are required. Tasks may also include generating incident reports, performing vulnerability assessments, and coordinating with other departments to strengthen organizational security. This dynamic, hands-on role provides valuable experience and can serve as a strong foundation for advancing into more specialized cybersecurity positions.

What are the most commonly searched types of Security Operations Center jobs in Raleigh, NC? The most popular types of Security Operations Center jobs in Raleigh, NC are:
What are popular job titles related to Security Operations Center jobs in Raleigh, NC? For Security Operations Center jobs in Raleigh, NC, the most frequently searched job titles are:
What job categories do people searching Security Operations Center jobs in Raleigh, NC look for? The top searched job categories for Security Operations Center jobs in Raleigh, NC are:
What cities near Raleigh, NC are hiring for Security Operations Center jobs? Cities near Raleigh, NC with the most Security Operations Center job openings:
Infographic showing various Security Operations Center job openings in Raleigh, NC as of July 2026, with employment types broken down into 2% As Needed, 74% Full Time, 20% Part Time, 1% Temporary, and 3% Contract. Highlights an 96% Physical, 1% Hybrid, and 3% Remote job distribution, with an average salary of $40,091 per year, or $19.3 per hour.
Security Engineer - Privileged Access Management Oversight

Security Engineer - Privileged Access Management Oversight

Truist

Raleigh, NC

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 15 days ago


Truist rating

8.1

Company rating: 8.1 out of 10

Based on 114 frontline employees who took The Breakroom Quiz

47th of 146 rated banks


Job description

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary:

Regular

Language Fluency: English (Required)

Work Shift:

1st shift (United States of America)Please review the following job description:This role is responsible for designing, implementing, and enhancing technical controls and monitoring solutions that detect and prevent unauthorized use of privileged access across the enterprise.
This role plays a critical part in identifying anomalous and high-risk access behaviors by leveraging advanced detection tools, including SIEM platforms (Splunk) and endpoint detection solutions (CrowdStrike). The engineer partners closely with Security Operations, IAM, and Infrastructure teams to develop detection use cases, improve visibility, and strengthen the organization's security posture.

ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

  • Identify and define unauthorized access scenarios, including credential misuse, privilege escalation, and anomalous account behavior.

  • Develop and tune Splunk/CrowdStrike queries, correlation searches, and alerts to detect suspicious privileged activity.

  • Leverage CrowdStrike (or equivalent EDR tools) to monitor endpoint-level indicators of compromise, lateral movement, and misuse of elevated privileges

  • Build and maintain detection use cases aligned with MITRE ATT&CK techniques related to identity and access abuse.

  • Correlate data from multiple sources (identity systems, logs, endpoints, cloud platforms) to identify potential threats.

  • Partner with Security Operations Center (SOC) and Incident Response teams to escalate and respond to confirmed incidents.

  • Design and implement automated detection and response mechanisms for privileged access risks.

  • Develop scripts or integrations (e.g., Python, APIs) to enhance monitoring, alerting, and reporting capabilities.

  • Continuously improve detection logic to reduce false positives and increase detection accuracy

  • Provide technical expertise to improve visibility into privileged account usage across on-prem and cloud environments.

  • Contribute to enforcement of least privilege and just-in-time access models through monitoring and analytics.

  • Create dashboards and reports in Splunk to track privileged access activity, trends, and risks.

  • Recommend improvements to detection coverage based on threat intelligence and incident learnings

Qualifications
Required Qualifications
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Bachelor's degree or equivalent education, training, and work-related experience.

  • Minimum of 5 years of experience in security engineering or related cybersecurity roles.

  • Advanced knowledge in cybersecurity principles, theories, and concepts.

  • Proven experience in software development lifecycle security practices.

  • Advanced knowledge of threat modeling, security testing, and penetration testing.

  • Experience implementing and managing complex information security technologies.

Preferred Qualifications

  • Experience developing detection use cases and threat hunting techniques for identity-based attacks.
  • Strong expertise in:
    • SIEM engineering and log analysis
    • Behavioral analytics and anomaly detection
    • Identity Threat Detection and Response (ITDR)
  • Experience with PAM tools such as StrongDM and CyberArk.
  • Familiarity with frameworks such as:
    • MITRE ATT&CK (especially credential access and privilege escalation techniques)
    • NIST and CRI Cybersecurity Framework
  • Scripting and automation skills (e.g., Python, PowerShell).
  • Experience integrating multiple data sources (cloud logs, Active Directory, EDR telemetry) into SIEM platforms.
  • Relevant certifications such as:
    • CISSP, GIAC (GCIA, GCIH), CEH, or Security+
  • Strong analytical, problem-solving, and communication skills.

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist's generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law E-Verify IER Right to Work


What Truist employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Truist logo

About Truist

Sourced by ZipRecruiter

Truist is combining distinctive personal service with investments in innovation to create transformational client experiences. We believe the unique blend of human touch and innovative technology will set us apart, instill confidence, and build deeper levels of trust with our clients

Industry

Finance and insurance

Company size

10,000+ Employees

Headquarters location

Charlotte, NC, US

Year founded

2019