SOC Analyst

Required (Minimum Necessary) Qualifications High School or GED-General Educational Development-GED Diploma Bachelor s degree in computer science or equivalent is preferred Minimum of five years hands-on experience Proven experience detecting, triaging, and responding to cyber incidents across enterprise networks and cloud environments. Proficiency with

SIEM, EDR/XDR

platforms, and forensic tools. Strong understanding of threat actor TTPs, MITRE ATT&CK framework, and incident containment strategies. Ability to analyze network traffic, logs, and endpoint telemetry to identify malicious activity. Familiarity with malware analysis, reverse engineering basics, and memory analysis concepts Experience developing and tuning detection rules, playbooks, and automated response workflows. Working knowledge of incident response frameworks (e.g., NIST

SP 800-61, SANS

). Understanding of vulnerability management, threat intelligence integration, and SOC metrics/reporting. Understanding of basic computer and networking technologies. o Windows and Linux/Unix operating systems o Networking technologies (routing, switching, VLANs, subnets, firewalls) o Common networking protocols - SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc. o Common enterprise technologies - Active Directory, Group Policy, and the Microsoft Azure suite of cloud services. o Understanding of current system logging technology and retrieving information from a plethora of technology platforms. Knowledge, Skills, Abilities, and Other Characteristics Ability to work well in a team environment. Self-starter with ability to work with little supervision. Willingness to take on and adapt to new, open-ended tasks for which there is no current standard operating procedure. Ability to research independently and self-teach. Strong analytical and decision-making skills under pressure. Excellent written and verbal communication, including incident documentation and executive briefings. Ability to lead investigations, mentor junior analysts, and collaborate with cross-functional teams. Preferred Interest in security/hacking culture. Ability to think like an attacker General cybersecurity certifications (one or more of the following preferred): o CompTIA Security+ o CompTIA Cybersecurity Analyst (CySA+) o Certified Ethical Hacker (CEH) o GIAC Certified Incident Handler (GCIH) Any cloud security certification, especially: o CompTIA Cloud+ o Certified Cloud Security Professional (CCSP) o Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) Any Microsoft 365/Azure cybersecurity certification, especially: o

Microsoft Certified:

Security Operations Analyst Associate (SC-200) o

Microsoft Certified:

Security, Compliance, and Identity Fundamentals (SC-900) o

Microsoft Certified:

Azure Fundamentals (AZ-900) o

Microsoft Certified:

Azure Security Engineer Associate (AZ-500) Familiarity with the Microsoft 365 and Microsoft Azure suite of products, including Microsoft Sentinel and Microsoft 365 Defender. Knowledge of common enterprise technologies, policies, and concepts such as: o Microsoft Sentinel SIEM o Kusto Query Language (KQL) o Mobile device technologies (iOS, Android) o Scripting experience (PowerShell, Python, etc.) o Microsoft Power BI o Azure DevOps Artificial Intelligence (AI) / Machine Learning (ML) expertise o In-depth knowledge of AI and ML concepts. o How to practically apply AI/ML technologies to enhance cyber threat hunting and incident response capabilities. o Experience with specific AI services offered within Microsoft Azure.