University of Central Florida · 23 hours ago
Security Operations Center Analyst
The University of Central Florida is dedicated to fostering a conducive educational environment and is seeking to hire four Security Operations Center (SOC) Analysts. The SOC Analysts will monitor, detect, analyze, and respond to cybersecurity threats, ensuring continuous protection of institutional assets through 24/7 operations.
Tags: Education, Training, Universities
Responsibilities
Monitor SIEM, EDR, IDS/IPS, firewalls, and other security tools for alerts and anomalies
Perform initial triage and validation of security alerts to identify potential incidents
Conduct deep analysis of events using multiple data sources (e.g., SIEM logs, endpoint telemetry, network traffic)
Lead investigations involving advanced persistent threats (APTs), insider threats, or multi-stage attacks
Perform root cause analysis and develop post-incident reports with tactical and strategic recommendations
Create and tune detection rules and automation workflows within SIEM and SOAR platforms
Monitor, detect, and analyze AI-driven attack techniques (e.g., prompt injection, data poisoning, model theft, adversarial input attacks)
Evaluate and deploy AI-based security capabilities (e.g., anomaly detection models, LLM-based analysis tools) to enhance threat visibility
Qualification
Required
Bachelor's degree and 4 years of relevant experience; or High School Diploma (or equivalent) and 8 years of relevant work experience in lieu of degree or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219(6)
Position requires a valid Class E driver's license
Applicant must be authorized to work for any U.S. employer, as sponsorship is not available for this position now or in the future
Preferred
5+ years of operational cybersecurity experience, including work in a Security Operations Center (SOC), incident response, or similar security operations role
Hands-on experience with core SOC technologies, including: SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel), SOAR tools for automation and orchestration, Endpoint detection and response (EDR) solutions, Network IDS/IPS technologies, and Firewall administration and enterprise log analysis
Experience developing and tuning detection capabilities, including writing correlation rules, alerts, and automated workflows within SIEM and SOAR environments
Scripting proficiency (e.g., Python, PowerShell, Bash) for automation, custom detections, data parsing, and enrichment
Knowledge of emerging AI-driven attack vectors, including prompt injection, adversarial machine learning techniques, data poisoning, and model extraction attacks
Experience deploying or tuning AI-based security capabilities, such as anomaly detection models, AI-assisted triage tools, or LLM-driven threat analysis workflows
Demonstrated incident response expertise, including triage, advanced threat analysis, containment, root-cause analysis, and post-incident reporting
Familiarity with digital forensics tools, methodologies, and evidence-handling (endpoint, network, or cloud forensics)
Understanding of cloud security principles and monitoring within Azure, Amazon Web Services (AWS), and/or Google Cloud environments, including hybrid infrastructure
Strong analytical, investigative, and problem-solving skills, with the ability to communicate technical findings clearly to both technical and non-technical audiences
Experience in higher-education or complex enterprise environments, including research and administrative support, data-security compliance frameworks (e.g., FERPA, HIPAA, NIST 800-171), and the unique network/security challenges of university settings
Relevant Industry-recognized certifications such as CompTIA Security+, CySA+, CEH, GIAC Security Essentials (GSEC), or Certified SOC Analyst (CSA)
Benefits
Benefit packages, including Medical, Dental, Vision, Life Insurance, Flexible Spending, and Employee Assistance Program
Paid time off, including annual and sick time off and paid holidays
Retirement savings options
Employee discounts, including tickets to many Orlando attractions
Education assistance
And more. For more benefits information, view the UCF Employee Benefits Guide.
Company
University of Central Florida
University of Central Florida is an American public research university in Orlando, Florida.
Funding
Current Stage: Late Stage
Total Funding: $5.08M
Key Investors: The Duke Energy Foundation, US Department of Energy, National Institutes of Health
2024-09-17 · Grant · $0.07M
2024-09-17 · Grant · $1.4M
2022-03-14 · Grant · $3.6M
Company data provided by crunchbase