Back to search
HW3 Linkedin · Posted 20d ago

Sr. SOC Analyst

Great Neck, New York, United States

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Senior SOC Analyst

Overview

A growing Financial Service organization is seeking a Senior SOC Analyst to join its Cybersecurity team. This is a hands-on security operations role focused on threat detection, incident response, vulnerability management, and continuous improvement of defensive capabilities.

The successful candidate will play a key role in identifying, investigating, and responding to security threats while partnering with infrastructure, engineering, and security teams to strengthen the organization's overall security posture.

Key Responsibilities

Security Operations & Incident Response

  • Monitor, investigate, and respond to security alerts across endpoint, network, cloud, and identity environments.
  • Lead incident response activities including triage, containment, remediation, recovery, and post-incident analysis.
  • Execute and improve incident response procedures, playbooks, and operational workflows.
  • Conduct root cause analysis and document findings from security investigations.
  • Produce clear incident reports and communicate findings to technical and business stakeholders.
  • Participate in an on-call rotation supporting critical security incidents.

Vulnerability Management

  • Perform vulnerability assessments and assist in the identification and prioritization of security risks.
  • Partner with technical teams to drive remediation efforts and reduce organizational risk.
  • Monitor emerging vulnerabilities and threat activity to support risk-based prioritization.
  • Contribute to reporting around vulnerability trends, remediation metrics, and overall security posture.

Threat Detection & Threat Hunting

  • Support threat hunting initiatives to proactively identify malicious activity.
  • Develop and improve detection logic, alerting mechanisms, and investigative processes.
  • Leverage frameworks such as MITRE ATT&CK to enhance detection and response capabilities.
  • Participate in security validation exercises designed to test and strengthen defensive controls.
  • Research emerging threats and incorporate findings into monitoring and detection strategies.

Collaboration & Continuous Improvement

  • Analyze security telemetry from a variety of sources including endpoints, network devices, cloud platforms, and identity systems.
  • Partner with cross-functional teams to improve security controls and operational effectiveness.
  • Maintain operational documentation and knowledge-sharing resources.
  • Mentor junior team members and contribute to the growth of the security operations function.

Required Experience

  • 5+ years of experience in Security Operations, Incident Response, Threat Detection, or a related cybersecurity discipline.
  • Hands-on experience with enterprise SIEM platforms such as Splunk, Microsoft Sentinel, Sumo Logic, QRadar, or similar technologies.
  • Experience working with EDR solutions such as CrowdStrike Falcon, Microsoft Defender, SentinelOne, Carbon Black, or equivalent.
  • Familiarity with vulnerability management platforms including Tenable, Qualys, Rapid7, or similar solutions.
  • Experience supporting identity and access security initiatives, including Conditional Access, MFA, and modern identity platforms.
  • Exposure to Data Loss Prevention (DLP) technologies and information protection programs.
  • Strong understanding of incident response methodologies and security operations workflows.
  • Knowledge of networking fundamentals including TCP/IP, DNS, HTTP/S, firewalls, proxies, and common attack techniques.
  • Experience investigating security events across cloud, endpoint, network, and identity environments.
  • Familiarity with the MITRE ATT&CK framework.
  • Scripting or automation experience using Python, PowerShell, Bash, or similar technologies.
  • Strong communication and analytical problem-solving skills.

Preferred Experience

  • Threat hunting experience.
  • Detection engineering and use-case development.
  • Purple team, adversary emulation, or security validation experience.
  • Experience with cloud platforms including AWS, Azure, or GCP.
  • Exposure to SOAR platforms and security automation workflows.
  • Familiarity with threat intelligence platforms and workflows.
  • Experience with digital forensics and incident investigation tools.

Ideal Background

Candidates will typically come from environments where they have supported technologies such as:

  • SIEM: Splunk, Microsoft Sentinel, Sumo Logic, QRadar
  • EDR/XDR: CrowdStrike Falcon, Microsoft Defender, SentinelOne, Carbon Black
  • Vulnerability Management: Tenable, Qualys, Rapid7
  • Cloud Security: AWS, Azure, GCP
  • Identity Security: Entra ID (Azure AD), Okta, Ping Identity, CyberArk
  • Security Automation: SOAR platforms and workflow automation tools


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent