
Cyber Advisors · 6 hours ago

Senior SOC Analyst

Cyber Advisors is a rapidly growing Cybersecurity Consulting firm and MSP, seeking a Senior SOC Analyst for their Defensive Security team. This role involves leading advanced investigations, incident coordination, and enhancing documentation and detection capabilities while mentoring junior analysts and collaborating with various stakeholders.

Information Technology, Security

Growth Opportunities

Responsibilities

Lead deep-dive investigations across SIEM/EDR, cloud, and network telemetry; build timelines and determine scope and impact
Perform advanced analysis of endpoint activity, authentication/identity events, email telemetry, and network artifacts to identify attacker TTPs
Drive case direction by forming and testing hypotheses; identify containment and remediation actions with clear rationale
Provide clear, actionable technical updates and risk-based recommendations to technical and nontechnical audiences
Conduct root cause analysis and contribute to post-incident reviews; ensure corrective actions and detection improvements are tracked to completion
Develop and maintain detection content (KQL/SPL/Sigma) and associated response playbooks; validate efficacy through testing and tuning
Perform proactive threat hunting using known IOCs, behavioral analytics, and threat intelligence; document hunt hypotheses and outcomes
Design or request SOAR/automation improvements to reduce time-to-triage and improve consistency (enrichment, containment workflows, reporting)
Mentor and coach SOC Analysts; provide structured feedback on investigations, ticket quality, and incident handling
Establish and reinforce documentation standards, severity classification consistency, and investigation methodologies
Deliver high-quality incident reports including executive summaries, technical details, and prioritized remediation recommendations (as assigned)

Qualifications

Security operations, Incident response, Threat detection, SIEM proficiency, EDR proficiency, KQL/SPL/Sigma, MITRE ATT&CK knowledge, Cloud security telemetry, Communication skills, Technical leadership, Attention to detail

Required

3–6+ years of experience in security operations, incident response, threat detection, or threat analysis
Demonstrated experience leading complex investigations and coordinating incident response across technical teams
Strong proficiency with SIEM and EDR platforms; experience writing detection logic and running advanced queries (KQL/SPL/Sigma)
Strong knowledge of adversary behaviors and frameworks (MITRE ATT&CK) and incident handling practices (NIST concepts)
Experience with cloud and identity security telemetry (Microsoft 365, Azure/AWS, Entra ID/Azure AD) and modern endpoint telemetry
Excellent written and verbal communication skills; ability to brief technical and non-technical stakeholders
Relevant certifications (one or more): CySA+, GCIH, GCIA, ECIH (or equivalent)
Bachelor's degree in a related field or equivalent practical experience

Preferred

Experience with SOAR platforms and building automation workflows
Experience with DFIR tooling and evidence handling for endpoint and cloud investigations
Advanced certifications (as applicable): GCED, CISSP, CTIA, or vendor-specific security operations certifications
Experience supporting regulated environments and communicating control impacts (HIPAA, PCI-DSS, CJIS, etc.)
Experience partnering with detection engineering, purple team, or threat intel functions

Benefits

Vacation and PTO
Employer-paid Health and Dental Insurance for CA employees.
401k with employer matching
Opportunities for professional development, including certifications and ongoing training.

Company

Cyber Advisors

Cyber Advisors provides IT and security services.

Funding

Current Stage
Growth Stage

Leadership Team

Raju Kumar
CEO
Company data provided by crunchbase