Security Operations Analyst

1 month, 3 weeks ago
Full-time
Junior
Cybersecurity
AlphaSense

AlphaSense

AlphaSense develops an artificial intelligence-based search platform that enables investment and corporate professionals to quickly access and analyze extensive financial data and market insights from over 500 million documents, enhancing decision-maki...

Internet Software & Services
251-1K
Founded 2011
$770M raised

Description

  • Monitor and triage security alerts across SIEM, EDR, cloud security, identity, and other platforms.
  • Perform initial investigation on escalated events by collecting and correlating evidence across log sources.
  • Execute containment and remediation actions within defined escalation thresholds.
  • Maintain accurate and timely incident documentation in the tracking system.
  • Contribute to YARA-L rule development and tuning in Chronicle/Google SecOps.
  • Assist with CrowdStrike Falcon IOA and prevention policy maintenance.
  • Review threat intelligence feeds and correlate IOCs against internal telemetry.
  • Identify detection gaps and recommend improvements to security coverage.
  • Triage cloud security findings and investigate identity anomalies such as suspicious logins and MFA bypass attempts.
  • Author and maintain SOC runbooks and triage playbooks, and participate in shift handoff knowledge transfer.

Requirements

  • 2–4 years of experience in SOC, incident response, or security operations.
  • Bachelor's degree (B. Tech) from a Tier 1 or Tier 2 institution.
  • Hands-on experience with a SIEM platform such as Chronicle, Splunk, Sentinel, or equivalent.
  • Familiarity with EDR tooling, preferably CrowdStrike Falcon.
  • Foundational understanding of cloud security concepts across AWS or GCP.
  • Working knowledge of identity threat patterns such as credential stuffing, MFA fatigue, and account takeover.
  • Ability to read and interpret authentication, network, endpoint, and cloud audit logs.
  • Strong written communication skills for clear incident documentation and escalation summaries.
  • Exposure to CSPM/CWPP platforms (preferred).
  • Scripting proficiency in Python or similar for basic automation and log parsing (preferred).
  • Relevant certifications such as CompTIA Security+, CySA+, GCIH, or GCIA (preferred).

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

SOC Analyst L1

CallTek 51-250 Internet Software & Services

SOC Analyst L1 at a cybersecurity operations team responsible for monitoring, triaging, documenting, and escalating security alerts from multiple defensive systems.

CrowdStrike Cybersecurity DNS IDS Linux Lucene Network Security SIEM Splunk TCP/IP
16 hours, 53 minutes ago

Open Source Investigators - Contractor - UK

Centre for Information Resilience 11-50 Diversified Consumer Services

Centre for Information Resilience is hiring two OSINT Investigators to support a team investigating malign influence through open-source research, digital analysis, and reporting work focused on documenting harmful networks and activity.

17 hours, 8 minutes ago

Information Security Analyst

Didomi 51-250 IT Services

Didomi is hiring an Information Security Analyst to support its Security & IT team in keeping the company’s ISO 27001 program audit-ready and handling recurring security and compliance operations across the business.

AWS GitHub GitLab HIPAA Notion
17 hours, 23 minutes ago

FBS Information Security Analyst

Capgemini 100K+ Internet Software & Services

Farmers Business Services, through Capgemini as Employer of Record, is hiring an Information Security Analyst to manage mainframe access security and help protect systems and data from unauthorized access and incidents.

DB2
2 days, 17 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers