About this role
Job Summary

The SOC Analyst/Engineer designs, implements, and maintains security monitoring tools and processes to support a 24/7 Security Operations Center (SOC). This role develops detection use cases, automates workflows, fine-tunes alerts, and ensures log quality so that threats are detected and responded to effectively.

Responsibilities

• Design, implement, and maintain security monitoring tools and integrations supporting SOC operations
• Develop detection use cases to identify security threats across customer environments
• Automate workflows to improve SOC efficiency and incident response times
• Fine-tune alerting logic to reduce false positives and improve threat detection accuracy
• Ensure quality and completeness of log ingestion from diverse data sources
• Support onboarding of new clients by integrating relevant data sources into security platforms
• Maintain up-to-date documentation and runbooks for SOC processes and tools
• Collaborate closely with SOC Analysts, Incident Responders, and platform owners to optimize security operations
• Monitor and support high-availability SOC platforms to ensure continuous performance and reliability

Required competencies and certifications

• Proficiency with SIEM platforms such as Splunk, ELK Stack, or ArcSight
• Strong understanding of network and system fundamentals to support security monitoring
• Ability to analyze logs and interpret security data to detect threats
• Knowledge of incident response procedures and best practices
• Ability to identify and classify security threats and anomalies accurately
• Strong attention to detail and organizational skills to maintain SOC documentation and processes
• Excellent problem-solving and analytical abilities to troubleshoot security issues
• Clear written and verbal communication skills for effective collaboration
• Ability to work effectively in a team environment

Preferred competencies and qualifications

• Security certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or a GIAC certification
• Experience with ticketing and case management systems to track incidents
• Basic scripting knowledge in Python or Bash to automate tasks
• Familiarity with malware analysis concepts to support threat investigations
• Understanding of cloud security principles and threats to enhance monitoring capabilities
• Experience with threat intelligence platforms to enrich detection use cases
• Knowledge of common attack vectors and tactics to improve security posture