SOC Analyst (5803)

As a SOC Analyst, you’ll be responsible for monitoring, detecting, and responding to cybersecurity threats within an organization's IT environment. You'll analyze security alerts, investigate suspicious activities, and implement measures to mitigate risks. You will also document incidents, improve security protocols, and collaborate with other teams to strengthen overall cybersecurity defenses.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you’ll do:

• 2nd or 3rd Shift:  (2:00 PM - 10:30 PM OR 11:00 PM - 6:30 AM)
• Monitor security alerts and events using SIEM (Security Information and Event Management) tools.
• Collaborate with leadership to develop and refine comprehensive cybersecurity strategies aligned with industry best practices and regulatory requirements.
• Serve as a technical authority, offering in-depth expertise in areas such as threat detection, incident response, vulnerability management, and risk assessment.
• Assess, design, and implement advanced security architecture solutions that address the organization's evolving technology landscape.
• Identify, assess, and prioritize cybersecurity risks, working closely with cross-functional teams to mitigate potential threats effectively.
• Lead and coordinate incident response activities, guiding the team through timely and effective resolution of security incidents and breaches.
• Provide training and mentorship to internal teams, raising overall cybersecurity awareness and competence throughout the organization.
• Conduct thorough security audits and assessments to identify vulnerabilities, weaknesses, and areas for improvement.
• Investigate security incidents to determine root causes and implement remediation strategies.
• Conduct threat intelligence analysis to identify and mitigate emerging cyber threats.
• Perform real-time analysis of security logs and network traffic for anomalies.
• Develop and update SOC processes, playbooks, and incident response plans.
• Provide reports and recommendations to enhance security posture.

What you’ll need to succeed:

• 5+ years of experience in a SOC environment.
• An active TS/SCI security clearance
• Experience in identifying, analyzing, and responding to security incidents using SIEM tools and threat intelligence platforms.
• Strong skills in containing, mitigating, and resolving cybersecurity incidents following established protocols.
• Solid understanding of network protocols, firewalls, and endpoint security solutions to assess potential vulnerabilities.
• Experience examining system logs, packet captures, and forensic data to identify malicious activity.
• Ability to clearly document findings, write detailed incident reports, and effectively communicate with technical and non-technical stakeholders.).
• Experience with automation tools and scripting languages to streamline security operations, threat detection, and incident response.
• Experience managing security events, and cyber threat response.
• Familiarity with ITIL frameworks, incident management, and service desk operations.