Security Operations Center Analyst

About the Role

Proglite is seeking a SOC Analyst to join a clients extended security operations team. This is a hands-on operational role focused on log monitoring, alert triage, data loss prevention (DLP) analysis, and third-party risk administration. You will serve as a dedicated coverage resource, helping the clients internal SecOps team stay ahead of security events.

Success in this position requires strong analytical thinking, attention to detail, proactive communication, and the ability to work independently within defined playbooks and processes.

Key Responsibilities

Log Monitoring & Alert Triage

• Monitor and review security logs across Microsoft and Zscaler ecosystems on a daily basis.
• Analyze alerts generated by algorithm-driven systems and classify events by severity and relevance.
• Investigate anomalies such as geolocation mismatches, unusual sign-in patterns, and access irregularities.
• Act as the first point of contact for security notifications during off-hours, escalating as appropriate.

DLP & Insider Threat Monitoring

• Review Microsoft Purview DLP logs for policy violations and suspicious data movement.
• Monitor elevated-risk users such as employees serving notice for data exfiltration indicators including large email attachments, bulk file downloads, auto-forwarding rule creation, and compressed file uploads.
• Perform basic DLP troubleshooting and flag unresolved issues to the senior SecOps team.

Zscaler Reporting

• Generate weekly Zscaler data exports on a scheduled cadence.
• Apply pre-built pivot configurations to filter and surface relevant security events.
• Summarize findings and present them in a structured weekly report for the internal security team.

Third-Party Risk Administration

• Send standardized vendor risk assessment emails and forms to new third-party vendors.
• Follow up with vendors to ensure timely completion of assessments.
• Maintain a structured Excel tracker recording outreach dates, responses, and assessment status.
• Coordinate with the internal team to obtain new vendor lists and keep records current.

Documentation & Communication

• Maintain accurate records of log reviews, DLP findings, vendor assessments, and weekly reports.
• Communicate proactively with internal stakeholders and end users when security events require action.
• Assist users who may be blocked due to geolocation anomalies or policy triggers, reducing escalation volume.

Required Skills & Qualifications

• 23 years of SOC operations experience or equivalent hands-on security monitoring exposure.
• Strong log analysis skills with the ability to interpret and triage security events across multiple platforms.
• Analytical mindset with a structured approach to identifying anomalies and patterns.
• Strong conversational English with the ability to communicate findings clearly to both technical and non-technical stakeholders.
• Proficient in Microsoft Excel, including pivot tables and data filtering.
• Comfortable working independently within defined processes and escalation paths.

Preferred Skills (Nice to Have)

• Familiarity with Zscaler Internet Access (ZIA) or Zscaler Private Access (ZPA);
• Exposure to Microsoft Entra ID (formerly Azure AD) for identity and access log analysis.
• Experience with Microsoft Purview or similar DLP platforms.
• Basic understanding of data exfiltration techniques and insider threat indicators.
• Prior experience in a third-party risk or vendor management support function.

What Youll Be Part Of

Youll join an engineering-first, outcome-driven team at Proglite, embedded directly within a clients extended security operations team. This role offers real-world exposure to enterprise-grade security tooling, structured mentorship from experienced SecOps engineers, and a clear path toward deeper specialization in cloud security, identity, or threat analysis.

• Direct engagement with enterprise Microsoft and Zscaler environments.
• Collaborative work with a strategic SecOps team on active security improvements.
• Exposure to DLP, identity security, and third-party risk all high-demand specializations.