1

Soc Analyst Jobs Jobs (NOW HIRING)

SOC Tier 3 Analyst

Portland, OR · On-site

$88K - $104K/yr

The SOC Analyst 3 supports the organization's security operations by leading complex incident analysis, validating advanced investigative findings, coordinating technical response actions, improving ...

SOC Analyst I

Dallas, TX · On-site

$65K - $85K/yr

SOC Analyst I Location: Dallas, TX Pay Range: $65K-$85K Benefits: Medical, Dental, Vision, 401(k) We are looking to bring on a SOC Analyst to our team due to growth in our Dallas HQ. What we need is ...

The SOC Analyst will monitor and protect the network against external threats, detect and respond to cybersecurity concerns, and find solutions to existing security risks while proactively preventing ...

SOC Analyst I

Dallas, TX · On-site

$65K - $85K/yr

SOC Analyst I Location: Dallas, TX Pay Range: $65K-$85K Benefits: Medical, Dental, Vision, 401(k) We are looking to bring on a SOC Analyst to our team due to growth in our Dallas HQ. What we need is ...

They are seeking a SOC Analyst to monitor security incidents, conduct investigations, and document findings to ensure the safety of their operations. Responsibilities : • Perform continuous ...

Job Summary The Lead SOC Analyst is responsible for leading the daily operations of the Security Operations Center (SOC) while actively participating in threat detection, investigation, and response ...

Job Summary The Lead SOC Analyst is responsible for leading the daily operations of the Security Operations Center (SOC) while actively participating in threat detection, investigation, and response ...

Title- SOC Analyst Location- St. Petersburg, FL (hybrid) Required Qualifications * Experience: Min 9 years in cybersecurity, with a focus on SOC operations and incident response. * Environment ...

Alpha Consulting Corp. is seeking a SOC Analyst to support the deployment of advanced SOC capabilities and AI-assisted investigations. The role involves coordinating implementation activities ...

SOC Analyst (L3 Admin) Location: Dallas, TX (Hybrid) Type: Fulltime HCL CSFC provides a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A ...

The SOC Analyst is responsible for monitoring security events, analyzing alerts, tuning Security Information and Event Management (SIEM) platforms, and supporting Continuous Monitoring (ConMon ...

SOC Analyst

Denver, CO · On-site

$105K - $120K/yr

The SOC Analyst is responsible for monitoring security events, analyzing alerts, tuning Security Information and Event Management (SIEM) platforms, and supporting Continuous Monitoring (ConMon ...

SOC Analyst

Denver, CO · On-site

$105K - $120K/yr

The SOC Analyst is responsible for monitoring security events, analyzing alerts, tuning Security Information and Event Management (SIEM) platforms, and supporting Continuous Monitoring (ConMon ...

SOC Analyst

Denver, CO

$105K - $120K/yr

The SOC Analyst is responsible for monitoring security events, analyzing alerts, tuning Security Information and Event Management (SIEM) platforms, and supporting Continuous Monitoring (ConMon ...

SOC Analyst

Alexandria, VA · On-site

$150K - $165K/yr

The SOC Analyst will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity events and incidents across enterprise networks and systems. This role requires ...

SOC Analyst Job Location: Dallas, TX Job Type: Contract • Manage and support the log collection, security scanning, intrusion detection, content filtering, and other security-related systems • ...

UFP Industries is seeking a Lead SOC Analyst to oversee the daily operations of their Security Operations Center. This role involves leading incident response, managing vendor relationships ...

next page

Showing results 1-20

SOC Tier 3 Analyst

SOC Tier 3 Analyst

ECS

Portland, OR • On-site

$88K - $104K/yr

Full-time

Posted 25 days ago


Job description

Everforth ECS is seeking a SOC Tier 3 Analyst to work in our Portland, OR office. Note: This position is contingent upon contract award.
The SOC Analyst 3 supports the organization's security operations by leading complex incident analysis, validating advanced investigative findings, coordinating technical response actions, improving detection effectiveness, and mentoring lower-tier analysts. This role is the senior technical analysis and escalation tier within the SOC Analyst role family.
The ideal candidate has advanced SOC, incident response, and detection-analysis experience; understands adversary tradecraft and enterprise security architecture; and can coordinate complex technical investigations while partnering with SOC leadership, threat hunting, threat intelligence, forensics, Splunk engineering, security engineering, and program stakeholders.
This role involves shift work schedule to support our 24/7 operation, including weekends and holidays. Candidates must be flexible in their availability. While we make every effort to accommodate individual preferences, it's essential to understand that specific shift requests are not guaranteed and are assigned based on operational needs.
Key Responsibilities
Advanced Incident Analysis & Escalation Leadership
  • Lead analysis of complex, high-impact, multi-stage, or ambiguous security incidents across enterprise systems, cloud environments, identity platforms, endpoints, networks, and applications.
  • Validate incident severity, scope, attack path, affected assets, affected accounts, likely root cause, and potential operational or business impact.
  • Review and resolve escalated findings from SOC Analyst 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges.
  • Provide technical facts, risk context, and recommended response priorities to SOC leadership for major incident handling and stakeholder communication.

Technical Response Coordination
  • Coordinate complex containment, eradication, and recovery support with Security Engineer, Senior Engineer, system owners, incident responders, and other technical teams.
  • Define evidence collection requirements and coordinate handoff to Forensics Lead or Forensics Mid when formal acquisition, preservation, chain of custody, or deep forensic analysis is required.
  • Guide investigation strategy, timeline development, technical response sequencing, and escalation decisions for complex incidents.
  • Maintain alignment with approved incident response plans, playbooks, evidence-handling expectations, and leadership direction.

Detection Effectiveness & Analytic Improvement
  • Analyze adversary behaviors, attack patterns, vulnerabilities, threat intelligence, control gaps, and recurring incident trends to improve detection and response effectiveness.
  • Define analytic requirements and validate correlation rules, alert logic, dashboards, use cases, and response playbooks for operational effectiveness.
  • Map complex observed behaviors to MITRE ATT&CK and other applicable threat models to support analytic improvement and stakeholder reporting.
  • Coordinate with SOC Threat Hunter to convert hunt findings into operational detections and with Senior Splunk Engineer or Splunk Architect/Lead for technical implementation.

Reporting, Briefings & Knowledge Transfer
  • Prepare or review complex incident summaries, technical timelines, investigation narratives, after-action inputs, and lessons-learned content.
  • Communicate complex technical findings in clear operational, business, and risk language for SOC leadership, program stakeholders, and technical teams.
  • Provide technical input to SOC Technical Writer for SOPs, playbooks, knowledge articles, and formal documentation products.
  • Mentor SOC Analyst 1 and SOC Analyst 2 personnel through escalation review, coaching, analytic guidance, and quality feedback.

Governance, Quality & Continuous Improvement
  • Lead or support detection reviews, tabletop exercises, incident retrospectives, process assessments, and quality improvement activities.
  • Identify recurring gaps in telemetry, tools, controls, workflows, documentation, or analyst training and coordinate corrective action requirements with the appropriate owner.
  • Stay current with evolving cyber threats, vulnerabilities, adversary tradecraft, detection techniques, and security operations best practices.
  • Translate lessons learned and threat developments into improved detections, procedures, escalation criteria, and analyst enablement materials.

  • U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
  • 5+ years of experience in SOC operations, incident response, detection engineering support, threat analysis, or advanced cybersecurity operations.
  • Advanced experience using SIEM, EDR, log analysis, case management, and cross-tool correlation to investigate complex security incidents.
  • Strong understanding of adversary tradecraft, MITRE ATT&CK, incident response lifecycle activities, evidence handling, detection logic, and enterprise security architecture.
  • Experience leading complex investigations, validating technical findings, defining response priorities, and coordinating technical response across multiple teams.
  • Experience developing or validating detection requirements, alert logic, analytic coverage, investigation workflows, or response playbooks.
  • Strong written and verbal communication skills, including the ability to brief technical findings and mentor lower-tier analysts.