Position: Senior SOC Analyst - Fortune 500 Company Cyber Fusion Center - East Raleigh, NC - W2 Only

Department: Cyber Fusion Center (CFC)

Location: Zebulon, NC - Onsite

Shift: 3rd shift, 10 pm-8 am , Four 10-hour shifts - Sun-Wed

*Candidates must be able to work on the client's W2 without a vendor or employer*

*Candidates must be able to commute to the client location in Zebulon from day 1*

Role Overview:

The Senior SOC Analyst is an experienced role within the 24/7 Cyber Fusion Center (CFC) organization. The role is responsible for monitoring, triaging, and escalating security events properly in any technology environment.

Key Responsibilities:

• Evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS alerts, firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within their environments for the purposes of mitigating threats in both structured and unstructured situations.
• Proactively engage in log, identity, cloud, network, and root cause analysis.

Skills and Qualifications:

• Strong analytical skills to characterize and analyze alerts.
• Ability to perform event correlation and gain situational awareness.
• Proficiency in documenting and escalating incidents.
• Experience in providing summary reports and performing trend analysis.
• Excellent communication skills, both written and verbal.
• Active participation in team interactions and contributions to SOC runbooks.
• Ability to recommend improvements to automations, alert fidelity, and security controls.

Emphasis:

This role will also focus on cloud environments, particularly AWS and Azure.

Qualifications and Skills

• Certifications: Security+, Network+, CySA+, cloud certifications (AWS, Azure, etc.)
• Problem-Solving: Apply best practices; proficiency in security platforms (logging, event correlation, incident management, vulnerability management)
• Teamwork: Strong collaboration skills
• Time Management: Effectively manage competing priorities
• Communication: Highly effective verbal and written skills for conveying technical information and business impact
• Support: Assist with various tasks supporting the Cybersecurity Mission
• Self-Starter: Quickly acquire new skills
• Team Player: Positive mindset and team-oriented
• Availability: Support on-call and regular shifts in a 24/7 operations environment
• Certifications: Obtain required technical certifications within six months of hire

Knowledge Areas

• Cloud Fundamentals: AWS, Azure
• IT and Cybersecurity: General knowledge
• Networking: Concepts, protocols, and security methodologies
• Traffic Analysis: Network traffic and packet-level analysis (e.g., Wireshark, tcpdump)
• Operating Systems: Windows/Unix ports and services
• Identity and Access Management: Basic concepts
• Phishing: Tactics and techniques
• Cyber Threats: Understanding vulnerabilities and attack stages (reconnaissance, scanning, gaining access, etc.)
• Incident Response: Handling methodologies
• Countermeasures: Addressing various threats
• Automation and AI: Basic knowledge of automation, machine learning, and AI possibilities