SecurityOperationsAnalyst

## Accountabilities Triage, investigate, and respond to security alerts generated by SOC platforms and detection systems, ensuring timely and accurate incident handling. Perform deep-dive analysis of endpoint detection and response (EDR) telemetry, logs, and forensic artifacts to determine root cause and recommend remediation actions. Conduct malware analysis (static and dynamic) to support threat identification and containment efforts. Investigate suspicious cloud and productivity suite activity (including Microsoft M365) and provide remediation guidance. Support escalation workflows from product support and cross-functional teams on security-related incidents and inquiries. Contribute to detection engineering efforts, including tuning existing rules and helping improve alert fidelity. Participate in collaborative SOC initiatives aimed at improving processes, tools, and overall security outcomes. Requirements: 2+ years of experience in a SOC, incident response, or digital forensics (DFIR) role. Strong familiarity with Windows, Linux, and macOS environments as potential attack surfaces. Working knowledge of attacker techniques aligned with the MITRE ATT&CK framework, including persistence, privilege escalation, lateral movement, and defense evasion. Experience analyzing malware behavior using static and dynamic methods. Understanding of Windows administration and enterprise environments (Active Directory, Group Policy, domain architecture). Solid grasp of networking fundamentals (TCP/IP, DNS, ports/protocols, NAT, VLANs, routing concepts). Knowledge of web technologies and common vulnerabilities (OWASP Top 10 awareness). Strong communication skills with the ability to translate technical findings into clear, actionable insights for diverse audiences. Curiosity-driven mindset with a passion for continuous learning and threat research. Benefits: 100% remote work environment with flexibility in a US-based Pacific Time Zone schedule. Competitive base salary range of $10