
Iso New England Inc.
Independent non‑profit regional transmission organization operating New England’s bulk electric grid and wholesale markets.
Senior Security Operations Center (SOC) Analyst
Detect, analyze, and respond to cyber threats protecting New England's electric grid.
Job Highlights
About the Role
You will independently detect, analyze, and respond to complex cyber threats, lead high‑severity incident response across IT, OT, and engineering teams, and make time‑critical security decisions to maintain grid reliability and public safety. The position also involves developing detection rules and automated playbooks, conducting malware analysis and digital forensics, mentoring junior analysts, and driving SOC process and capability improvements.
- Detect, analyze, and respond to complex cyber threats in a fast‑paced SOC
- Lead high‑severity incident response and coordinate across IT, OT, and engineering teams
- Make time‑critical security decisions to protect grid reliability and public safety
- Perform advanced threat detection using SIEM, EDR/XDR, network monitoring, and forensic tools
- Conduct malware analysis, digital forensics, and root‑cause investigations
- Develop and tune detection rules, correlation logic, and automated response playbooks
- Identify security gaps and drive process and capability improvements
- Produce clear incident reports and executive‑ready briefings
- Collaborate with threat intelligence, IT, engineering, and OT teams
- Participate in tabletop exercises, purple‑team activities, and security assessments
- Mentor junior SOC analysts
- Lead SOC‑related initiatives and partner with the PMO on security projects
- Support SOC maturity, metrics, and process improvements
Key Responsibilities
- threat detection
- incident response
- SIEM
- malware analysis
- digital forensics
- playbook development
What You Bring
Success in this role requires deep experience with SIEM, EDR/XDR, network analysis, and forensic tools, strong analytical and communication skills, and a commitment to continuous learning.
- Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight, Microsoft Sentinel)
- Experience with EDR/XDR solutions (e.g., CrowdStrike, Carbon Black, Microsoft Defender, SentinelOne)
- Proficiency with network analysis tools (Wireshark, Zeek, tcpdump)
- Skills in digital forensics and malware analysis
- Knowledge of MITRE ATT&CK, Cyber Kill Chain, and threat actor TTPs
- Understanding of network protocols, firewalls, IDS/IPS, and proxy technologies
- Windows and Linux administration and security hardening
- Experience with cloud environments (AWS, Azure, GCP)
- Scripting ability (Python, PowerShell, Bash)
- Log analysis, event correlation, and vulnerability management
- Strong ownership, sound judgment, and self‑starter mindset
- Ability to remain calm and decisive during high‑severity incidents
- Excellent analytical, problem‑solving, and communication skills
- Relevant certifications (GCIA, GCIH, GCFA, GREM, CISSP, CySA+, etc.)
- Experience in critical infrastructure or energy environments
- Threat hunting or offensive security experience
- Familiarity with NERC CIP requirements
- Experience with SOAR platforms
- Knowledge of OT/ICS security concepts
Requirements
- SIEM
- EDR/XDR
- Wireshark
- CISSP
- Python
- OT/ICS
Benefits
The organization provides a competitive compensation package, a performance bonus, and a range of employee benefits designed to support professional growth and well‑being.
- Hybrid work environment (2–3 days onsite per week)
- Distance‑based relocation assistance
- 6–7 person paid on‑call rotation
- Competitive salary plus performance bonus
- Enhanced 401(k) and financial planning support
- Tuition reimbursement and professional development
- Wellness programs and onsite gym
- Free coffee at onsite café
- Flexible work hours
- Stable, mission‑driven workplace
Work Environment
Hybrid