Security Operations Center Analyst

SOC Analyst, Cyber Security Operations Center

Reports to: Manager, Cyber Security Operations Center

Job Description

POSITION SUMMARY

Owens & Minor is looking for SOC analyst who will play a critical role in managing and responding to security incidents, assisting in threat detection, and enhancing the organizations cybersecurity defenses. Building on foundational SOC knowledge, you will be responsible for handling escalated incidents, conducting in-depth investigations, improving detection capabilities, and mentoring junior analysts. This role requires a proactive approach to identifying and mitigating threats while maintaining the health of SOC tools and infrastructure. This is a 24x7 shift environment and may require first, second, and third shift availability on weekdays, weekends, and holidays.

ESSENTIAL JOB FUNCTIONS:

• Continuously monitor and assess alerts generated by SIEM and other security tools to identify potential threats.
• Perform in-depth investigation and analysis of escalated incidents to determine root causes, methods of attack, and potential impacts.
• Handle Level 2 escalations by reviewing event data, system logs, and contextual information.
• Execute incident response processes, including containment, eradication, and recovery steps.
• Develop and fine-tune detection rules, playbooks, and use cases to improve threat detection and reduce false positives.
• Collaborate with Level 1 analysts, IT teams, and other stakeholders to resolve incidents and implement security measures.
• Create and maintain incident documentation, providing detailed analysis and lessons learned.

SUPPLEMENTAL JOB FUNCTIONS:

• Provide guidance and mentorship to Associate SOC Analysts (P1) to improve team performance and knowledge-sharing.
• Participate in post-incident reviews, helping identify gaps in processes and recommending improvements.
• Stay updated on emerging threats, vulnerabilities, and cybersecurity trends, sharing knowledge with the team.

Qualifications

EDUCATION & EXPERIENCE:

• 4 to 5 years of experience in a SOC or cybersecurity role.

• Proven experience with incident detection, response, and management.

KNOWLEDGE SKILLS & ABILITIES:

• Strong understanding of SIEM systems, log analysis, and alert management.
• Deep knowledge of TCP/IP networking, ports, protocols, and packet analysis.
• Expertise in Windows and Linux/Unix systems, including process execution, filesystems, auditing, and logging.
• Proficient in security technologies such as EDR, Firewalls, IDS/IPS, Web Proxies, and Authentication Services.
• Familiarity with scripting languages such as Python, PowerShell, or Bash is a plus.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent written and oral communication skills for effective collaboration and reporting.
• Familiarity with MITRE ATT&CK framework and its practical application.

Key Responsibilities:

• Monitor security tools and dashboards to identify and assess potential threats, vulnerabilities, and incidents.
• Analyze security alerts generated by SIEM (Security Information and Event Management) systems and other monitoring tools.
• Support senior analysts in investigating security incidents, gathering relevant information, and documenting findings.
• Escalate incidents to higher-tier analysts or the SOC Manager as needed.
• Execute predefined playbooks and standard operating procedures (SOPs) during incident handling.
• Stay informed about emerging threats, vulnerabilities, and industry trends.
• Assist in maintaining and updating SOC tools and technologies.
• Perform basic troubleshooting of SOC systems under supervision.

ADDITIONAL REQUIREMENTS:

• Work closely with team members, IT staff, and other departments to address security concerns.
• Participate in SOC team meetings, training sessions, and exercises.