Senior SOC/Cloud Security Analyst jobs in United States

Texas Health and Human Services · 10 hours ago

Senior SOC/Cloud Security Analyst

Texas Health and Human Services Commission (HHSC) is committed to creating a positive impact in the lives of fellow Texans. The Senior SOC/Cloud Security Analyst plays a critical role in protecting enterprise systems and sensitive data from cyber threats, operating at an advanced technical level and serving as a subject matter expert in Security Operations and incident response.
Health Care
No H1B sponsorship; U.S. Citizen Only

Responsibilities

Serve as a senior analyst within the Security Operations Center (SOC) responsible for advanced threat detection, triage, investigation, and response
Monitor and analyze security events using SIEM platforms (e.g., Splunk, Sentinel) to identify malicious or anomalous activity
Lead incident investigations, perform root cause analysis, and coordinate containment, eradication, and recovery efforts
Develop and refine detection use cases, correlation rules, and behavioral analytics to improve threat visibility
Provide technical leadership during high-severity cyber incidents
Conduct threat hunting activities across network, endpoint, identity, and cloud telemetry
Serve as the technical lead for vulnerability management using enterprise scanning platforms such as Qualys
Analyze vulnerability data, prioritize risks based on exploitability and business impact, and drive remediation with system owners
Validate patching effectiveness and oversee closure of critical and high-risk findings
Identify systemic weaknesses and recommend compensating controls
Produce executive-ready risk metrics and dashboards to support leadership decision-making
Secure AWS, Azure, and other cloud platforms through continuous monitoring and configuration assessment
Investigate cloud-native threats including identity compromise, misconfigurations, exposed services, and lateral movement
Implement and tune cloud security tooling such as CSPM, CWPP, and identity threat detection capabilities
Partner with DevOps and cloud teams to embed security controls into infrastructure deployments
Support secure architecture reviews and recommend improvements aligned with Zero Trust principles
Design, onboard, and normalize log sources to improve enterprise visibility
Enhance detection engineering by developing automated workflows, playbooks, and response integrations
Tune alerts to reduce false positives while improving detection fidelity
Support integration of threat intelligence feeds into security tooling
Evaluate emerging SOC technologies to strengthen defensive capabilities
Support audit requests, control validations, and security assessments
Maintain documentation for investigations, procedures, and operational playbooks
Ensure operational activities align with agency security policies and regulatory obligations
Includes participation in disaster response, cybersecurity incidents, and Continuity of Operations (COOP) activities as required

Qualification

Security Operations, SIEM platforms, Vulnerability management, Cloud security, Incident response, PowerShell, Python, Zero Trust principles, MITRE ATT&CK, EDR/XDR platforms, CISSP, GCIA, GCIH, GCED, AWS Security Specialty, Certified Ethical Hacker, CompTIA Security+, Analytical skills, Communication skills, Mentoring

Required

Minimum 5+ years of progressive cybersecurity experience, with at least 3 years in a SOC or security operations role
Experience with SIEM and vulnerability management platforms
Experience securing cloud environments (AWS, Azure, or Google Cloud)
Experience with incident response in enterprise environments
Advanced knowledge of Security Operations Center practices, incident response, and threat detection methodologies
Knowledge of scripting or automation (PowerShell, Python, or similar)
Knowledge of Zero Trust architecture principles
Strong knowledge of cloud security principles across AWS and Azure environments
Knowledge of attacker tactics, techniques, and procedures (MITRE ATT&CK)
Strongly skilled in SIEM platforms such as Splunk, Microsoft Sentinel, or equivalent
Strongly skilled in vulnerability management tools such as Qualys and enterprise remediation programs
Skilled in endpoint detection and response (EDR/XDR) platforms
Strong analytical and problem-solving skills with the ability to operate during high-pressure incidents
Excellent written and verbal communication skills
Ability to mentor junior analysts and contribute to a high-performing SOC culture
Ability to translate technical risk into business impact for leadership
Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions

Preferred

CISSP
GCIA, GCIH, or GCED
Microsoft SC-200 or SC-100
AWS Security Specialty
Certified Ethical Hacker (CEH)
CompTIA Security+ (advanced candidates preferred beyond baseline cert)

Benefits

100% paid employee health insurance for full-time eligible employees
Defined benefit pension plan
Generous time off benefits
Numerous opportunities for career advancement

Company

Texas Health and Human Services

Texas Health and Human Services is an agency that focuses on improving health, safety and well-being.

Funding

Current Stage
Late Stage

Leadership Team

Dr. Napoleon Broughton
Chief Executive Officer: Life Enhancement Solutions
John F. Palermo
CTO Strategic Analyst VI
Company data provided by crunchbase