SOC Tier 2 Analyst
Portland, OR · On-site
Review and investigate alerts escalated by SOC Analyst 1 or automated SOC workflows to validate severity, scope, potential impact, and required response actions. * Analyze suspicious activity ...
SOC Tier 2 Analyst
Portland, OR · On-site
Review and investigate alerts escalated by SOC Analyst 1 or automated SOC workflows to validate severity, scope, potential impact, and required response actions. * Analyze suspicious activity ...
SOC Tier 1 Analyst
Portland, OR · On-site
The SOC Analyst 1 supports the organization's security operations by monitoring security events, performing first-level alert triage, validating suspicious activity, documenting tickets, and ...
SOC Tier 1 Analyst
Portland, OR · On-site
The SOC Analyst 1 supports the organization's security operations by monitoring security events, performing first-level alert triage, validating suspicious activity, documenting tickets, and ...
SOC Tier 2 Analyst
Portland, OR · On-site
Responsibilities : • Review and investigate alerts escalated by SOC Analyst 1 or automated SOC workflows to validate severity, scope, potential impact, and required response actions. • Analyze ...
SOC Tier 2 Analyst
Portland, OR · On-site
Responsibilities : • Review and investigate alerts escalated by SOC Analyst 1 or automated SOC workflows to validate severity, scope, potential impact, and required response actions. • Analyze ...
SOC Tier 3 Analyst
Portland, OR · On-site
$88K - $104K/yr
Review and resolve escalated findings from SOC Analyst 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges. * Provide technical facts, risk ...
SOC Tier 3 Analyst
Portland, OR · On-site
$88K - $104K/yr
Review and resolve escalated findings from SOC Analyst 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges. * Provide technical facts, risk ...
SOC Tier 3 Analyst
Portland, OR · On-site
... 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges. • Provide technical facts, risk context, and recommended response priorities to SOC ...
SOC Tier 3 Analyst
Portland, OR · On-site
... 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges. • Provide technical facts, risk context, and recommended response priorities to SOC ...
SOC Analyst
Tampa, FL · On-site
Position Overview The Tier 1 Security Operations Center (SOC) Analyst contributes to the protection of client assets and information by monitoring security events and responding to incidents. The ...
SOC Analyst
Tampa, FL · On-site
Position Overview The Tier 1 Security Operations Center (SOC) Analyst contributes to the protection of client assets and information by monitoring security events and responding to incidents. The ...
SOC Analyst
Durham, NC · On-site
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
SOC Analyst
Durham, NC · On-site
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
SOC Analyst
Durham, NC · On-site
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
SOC Analyst
Durham, NC · On-site
Candidate must have a minimum of 1-2 years of experience as an analyst in a SOC or similar environment. * Working knowledge of various SOC tools and their usage for detecting intrusion attempts.
SOC Analyst
Tampa, FL · On-site
Position Overview The Tier 1 Security Operations Center (SOC) Analyst contributes to the protection of client assets and information by monitoring security events and responding to incidents. The ...
Quick apply
SOC Analyst
Tampa, FL · On-site
Position Overview The Tier 1 Security Operations Center (SOC) Analyst contributes to the protection of client assets and information by monitoring security events and responding to incidents. The ...
SOC Tier 1 Analyst
Portland, OR · On-site
They are seeking a SOC Tier 1 Analyst to support security operations by monitoring security events, performing first-level alert triage, and escalating confirmed incidents as necessary.
SOC Tier 1 Analyst
Portland, OR · On-site
They are seeking a SOC Tier 1 Analyst to support security operations by monitoring security events, performing first-level alert triage, and escalating confirmed incidents as necessary.
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Baltimore, MD · On-site
$31.25 - $40.87/hr
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Baltimore, MD · On-site
$31.25 - $40.87/hr
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Baltimore, MD · On-site
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Baltimore, MD · On-site
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Denver, CO · On-site
$31.25 - $40/hr
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Denver, CO · On-site
$31.25 - $40/hr
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
The SOC Analyst will monitor agency systems and daily log events to identify potential security ... Must have at least one of the following certifications: CompTIA Network+, CompTIA Security +, or ...
SOC Analyst
Des Moines, IA · On-site
... 1 SOC Analysts in triaging cyber-security events, alerts, and incidents • Follow detailed ... operational procedures to analyze, escalate, and support remediation of critical security incidents ...
SOC Analyst
Des Moines, IA · On-site
... 1 SOC Analysts in triaging cyber-security events, alerts, and incidents • Follow detailed ... operational procedures to analyze, escalate, and support remediation of critical security incidents ...
The Tier 3 SOC Analyst serves as an escalation point for Tier 1 and Tier 2 Analysts within the SOC and provides advanced analytical and investigation support for complex incidents to assist in ...
New
The Tier 3 SOC Analyst serves as an escalation point for Tier 1 and Tier 2 Analysts within the SOC and provides advanced analytical and investigation support for complex incidents to assist in ...
New
SOC Analyst
Buffalo, NY · On-site +1
$68K - $80K/yr
Overview Do you want to be a part of one of the fastest-growing and largest global security operations centers? We are in search of a talented SOC Analyst to join Cegeka's Modern SOC As SOC Analyst ...
Quick apply
SOC Analyst
Buffalo, NY · On-site +1
$68K - $80K/yr
Overview Do you want to be a part of one of the fastest-growing and largest global security operations centers? We are in search of a talented SOC Analyst to join Cegeka's Modern SOC As SOC Analyst ...
Soc Analyst 1 information
See salary details
$32K - $41.2K
2% of jobs
$41.2K - $50.5K
7% of jobs
$50.5K - $59.7K
9% of jobs
$64.5K is the 25th percentile. Wages below this are outliers.
$59.7K - $68.9K
12% of jobs
$68.9K - $78.1K
17% of jobs
The median wage is $79.7K / yr.
$78.1K - $87.4K
16% of jobs
$94.8K is the 75th percentile. Wages above this are outliers.
$87.4K - $96.6K
15% of jobs
$96.6K - $105.8K
5% of jobs
$105.8K - $115K
9% of jobs
$115K - $124.3K
4% of jobs
$124.3K - $133.5K
3% of jobs
$32K
$84.2K
$133.5K
How much do soc analyst 1 jobs pay per year?
As of Jun 10, 2026, the average yearly pay for soc analyst 1 in the United States is $84,207.00, according to ZipRecruiter salary data. Most workers in this role earn between $65,000.00 and $98,500.00 per year, depending on experience, location, and employer.
What are SOC Analyst 1 roles and responsibilities?
A SOC Analyst 1 is an entry-level security operations center analyst responsible for monitoring security alerts, analyzing potential threats, and escalating incidents to higher-level analysts when necessary. They use various security tools to detect suspicious activities, document findings, and support incident response efforts. Additionally, SOC Analyst 1 professionals often assist with routine security tasks, such as log analysis, vulnerability scanning, and reporting. Their primary goal is to help protect an organization's digital assets by acting as the first line of defense against cyber threats.
What are some typical challenges faced by a SOC Analyst 1, and how can they be managed effectively?
As a SOC Analyst 1, one common challenge is handling a high volume of security alerts, many of which turn out to be false positives. Managing this requires strong attention to detail and the ability to quickly triage alerts based on urgency and relevance. Another challenge is staying up-to-date with the latest cyber threats and attack techniques, as the threat landscape evolves rapidly. Effective communication with senior analysts and other IT teams is also essential for escalating incidents and ensuring timely response. Continuous learning and leveraging automation tools can help manage these challenges and enhance effectiveness in the role.
What are the key skills and qualifications needed to thrive as a SOC Analyst 1, and why are they important?
To thrive as a SOC Analyst 1, you need foundational knowledge of cybersecurity principles, network protocols, and incident response, often supported by a degree in IT or related certifications like CompTIA Security+ or Cisco CCNA. Familiarity with security information and event management (SIEM) tools, intrusion detection/prevention systems, and ticketing platforms is typically required. Strong analytical thinking, attention to detail, and effective communication skills help analysts identify threats and collaborate with team members. These skills ensure rapid threat detection, accurate incident reporting, and proactive defense against cyberattacks.
What is the difference between Soc Analyst 1 vs Soc Analyst 2?
| Aspect | Soc Analyst 1 | Soc Analyst 2 |
|---|---|---|
| Certifications | CompTIA Security+, CEH (optional) | CompTIA Security+, CEH (preferred) |
| Experience | Entry-level, 0-1 year | 1-3 years, more complex tasks |
| Work Environment | Security Operations Center (SOC) | Security Operations Center (SOC) |
| Responsibilities | Monitoring alerts, basic incident response | Advanced threat detection, incident escalation |
Soc Analyst 1 typically handles basic monitoring and alert analysis, requiring foundational certifications and minimal experience. Soc Analyst 2 performs more complex threat detection and incident management, often with additional experience and skills. The roles are part of the same security team, with Soc Analyst 2 building upon the foundation set by Soc Analyst 1.
More about Soc Analyst 1 jobs
What cities are hiring for Soc Analyst 1 jobs? Cities with the most Soc Analyst 1 job openings:
What states have the most Soc Analyst 1 jobs? States with the most job openings for Soc Analyst 1 jobs include:
What job categories do people searching Soc Analyst 1 jobs look for? The top searched job categories for Soc Analyst 1 jobs are:
Job description
Everforth ECS is seeking a SOC Tier 2 Analyst to work in our Portland, OR office.
The SOC Analyst 2 supports the organization's security operations by conducting deeper investigation of escalated alerts, correlating security telemetry, supporting incident response activities, and preparing incident summaries and recommendations. This role is the mid-level investigation and response-support tier within the SOC Analyst role family.
The ideal candidate has hands-on SOC or security operations experience, understands common attack techniques and defensive technologies, and can independently investigate security events while coordinating with SOC Analyst 1, SOC Analyst 3, threat intelligence, threat hunting, forensics, engineering, and business stakeholders.
This role involves shift work schedule to support our 24/7 operation, including weekends and holidays. Candidates must be flexible in their availability. While we make every effort to accommodate individual preferences, it's essential to understand that specific shift requests are not guaranteed and are assigned based on operational needs.
Key Responsibilities
Escalated Alert Investigation & Correlation
Incident Response & Coordination Support
Detection, Tuning & Process Improvement Input
Reporting & Documentation
Mentorship & Continuous Improvement
The SOC Analyst 2 supports the organization's security operations by conducting deeper investigation of escalated alerts, correlating security telemetry, supporting incident response activities, and preparing incident summaries and recommendations. This role is the mid-level investigation and response-support tier within the SOC Analyst role family.
The ideal candidate has hands-on SOC or security operations experience, understands common attack techniques and defensive technologies, and can independently investigate security events while coordinating with SOC Analyst 1, SOC Analyst 3, threat intelligence, threat hunting, forensics, engineering, and business stakeholders.
This role involves shift work schedule to support our 24/7 operation, including weekends and holidays. Candidates must be flexible in their availability. While we make every effort to accommodate individual preferences, it's essential to understand that specific shift requests are not guaranteed and are assigned based on operational needs.
Key Responsibilities
Escalated Alert Investigation & Correlation
- Review and investigate alerts escalated by SOC Analyst 1 or automated SOC workflows to validate severity, scope, potential impact, and required response actions.
- Analyze suspicious activity, indicators of compromise, anomalous behavior, and policy violations using logs, endpoint telemetry, network data, identity data, cloud events, and other evidence.
- Correlate evidence across security platforms to identify affected assets, affected accounts, attack paths, timeline of activity, and potential business or mission impact.
- Map observed behaviors to applicable frameworks and threat models such as MITRE ATT&CK when useful for investigation, reporting, or detection improvement.
Incident Response & Coordination Support
- Support containment, eradication, and recovery activities for standard or moderate incidents in alignment with incident response plans and approved playbooks.
- Coordinate with system owners, security engineers, senior analysts, and other technical teams to gather evidence, validate impact, and support response actions.
- Escalate complex, high-impact, evidence-sensitive, or ambiguous incidents to SOC Analyst 3, SOC leadership, Forensics, Threat Hunter, Threat Intelligence Analyst, or other specialized roles as appropriate.
- Maintain accurate incident status, action tracking, and communications during investigation and response activities.
Detection, Tuning & Process Improvement Input
- Analyze recurring alerts, false positives, attack patterns, threat intelligence, vulnerabilities, and emerging tactics to identify opportunities to improve detection and response.
- Recommend updates to correlation rules, alert logic, dashboards, use cases, response playbooks, and triage procedures based on investigation outcomes.
- Operationalize threat intelligence in triage and investigation workflows by applying relevant indicators, adversary behaviors, vulnerabilities, and contextual reporting.
- Provide operational requirements and validation feedback to SOC Analyst 3, SOC Threat Hunter, Senior Splunk Engineer, Splunk Architect/Lead, Security Engineer, and SOC Technical Writer as appropriate.
Reporting & Documentation
- Document investigation activities, evidence, decisions, response actions, and outcomes clearly and accurately.
- Prepare incident summaries, ticket updates, timelines, shift handoff notes, and supporting information for after-action documentation.
- Communicate technical findings in clear operational, business, and risk language for SOC leadership and affected stakeholders.
- Provide evidence summaries and analysis notes that can be used by Forensics or specialized teams when deeper analysis is required.
Mentorship & Continuous Improvement
- Provide escalation guidance, quality feedback, and informal mentoring to SOC Analyst 1 personnel.
- Participate in lessons-learned activities, tabletop exercises, detection reviews, and SOC process improvement efforts.
- Stay current with evolving cyber threats, vulnerabilities, detection techniques, and security operations best practices.
- Contribute to continuous improvement of SOC workflows, investigation checklists, documentation practices, and escalation procedures.
- U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
- 3-5 years of experience in SOC operations, incident response, security monitoring, threat monitoring, or related technical cybersecurity roles.
- Experience triaging escalated alerts and investigating security events using SIEM, EDR, ticketing, case management, and log analysis tools.
- Intermediate knowledge of Windows, Linux, networking, cloud, identity, endpoint, and application security concepts.
- Working knowledge of common attack techniques, incident response lifecycle activities, escalation procedures, playbooks, and evidence-handling practices.
- Ability to correlate evidence across multiple tools, develop incident timelines, and determine recommended response actions.
- Strong analytical, written documentation, communication, and collaboration skills, including the ability to guide SOC Analyst 1 personnel.