Job Description
The SOC Security Analyst plays a key role in delivering managed detection and response services to multiple clients across diverse environments. This role focuses on continuous monitoring, threat detection, incident analysis, and response coordination within the MXDR platform and client ecosystems. Analysts act as trusted security partners, ensuring threats are identified early and mitigated efficiently while maintaining strong communication and service quality standards for each client.
Responsibilities include:
• Monitor client environments through MXDR platforms integrating SIEM, EDR, NDR, and threat intelligence feeds.
• Perform real-time alert triage, correlation, and validation across multiple client networks.
• Investigate security incidents and determine root cause, impact, and recommended remediation.
• Execute incident response procedures and coordinate with client IT/security teams for containment and recovery.
• Tune detection rules, correlation logic, and analytics within the MXDR platform to reduce false positives.
• Create and maintain incident tickets, client-facing reports, and SOC documentation according to SLAs.
• Collaborate with Threat Intelligence and Engineering teams to enhance detection and response capabilities.
• Support onboarding of new clients, including tool configuration, baseline establishment, and monitoring setup.
• Participate in threat-hunting activities and proactive posture assessments.
• Maintain deep knowledge of evolving threats, attacker TTPs, and relevant frameworks (MITRE ATT&CK, NIST 800-61, etc.).
Position Qualifications:
• 2+ years of experience in SOC, MDR/MXDR operations, or managed security service environments.
• Hands-on experience with SIEM and XDR tools (e.g., Microsoft Sentinel, CrowdStrike Falcon, SentinelOne, Elastic, Splunk).
• Solid understanding of security event analysis, threat detection methodologies, and incident response lifecycle.
• Knowledge of log correlation across cloud, network, and endpoint sources.
• Familiarity with security tools including EDR, NDR, IDS/IPS, and vulnerability management.
• Strong customer service orientation and ability to communicate effectively with clients.
• Working knowledge of network protocols, endpoint behavior, and attack indicators.
• Excellent analytical, documentation, and problem-solving skills.
Preferred Qualifications:
• Certifications such as CompTIA Security+, CySA+, CEH, GCIA, GCIH, or Microsoft SC-200.
• Experience with SOAR automation and playbook creation.
• Exposure to multi-tenant SOC or MSSP environments.
• Familiarity with regulatory and compliance standards (ISO 27001, SOC 2, HIPAA, etc.).
• Proficiency in scripting (Python, PowerShell) for automation and enrichment tasks.
Work Environment:
• Operates within a 24x7 global MXDR SOC environment.
• Rotational shifts, on-call duties, and coordination across time zones.
• Collaborative, fast-paced, and client-centric environment focused on proactive security outcomes.
Our security operations center is a 24/7-staffed operation. This position will require shift flexibility, as your assigned schedule will be communicated after training is completed. Must be open to evenings and weekends if required. Position will be hybrid-remote.
Job Type: Full-time
Pay: From $50,000.00 per year
Benefits:
• 401(k)
• Dental insurance
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Parental leave
• Vision insurance
Work Location: Hybrid remote in Scottsdale, AZ 85251