Security Operations Center Analyst

PRI Technology Logo
PRI Technology
Austin, TEXAS METROPOLITAN AREA, United States
  • IT
  • FullTime
  • Applications have closed

Responsibilities:

• Provide mentorship and technical oversight to L2 analysts and MSSP-led supporting staff, reviewing investigations and guiding escalation decisions.

• Lead incident response efforts for high-severity events, coordinating across teams to ensure effective containment and remediation.

• Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols.

• Participate in hiring, onboarding, and training activities to build a high-performing SOC team.

• Conduct advanced investigations of security alerts and incidents, including malware analysis, lateral movement, and data exfiltration.

• Perform threat hunting using hypothesis-driven approaches and threat intelligence to uncover hidden threats.

• Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms.

• Analyze attacker TTPs and translate them into actionable detections using frameworks such as MITRE Telecommunication & CK and the Cyber Kill Chain.

• Lead forensic investigations, including memory, disk, and network analysis, to support incident response and legal requirements.

• Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows.

• Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders.

• Document investigation findings, incident timelines, and lessons learned in a clear and structured format.

• Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements.

• Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments.

• Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture.

Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start)

• Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment

• Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools.

• Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective.

• Experience with scripting or automation (e.g., Python, PowerShell) is a plus.

• Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks.

• Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable.

• Excellent communication skills, with the ability to convey complex technical issues to both technical and non-technical audiences.

• Senior-level expertise in leading complex investigations and responding to advanced cyber threats

• Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments

• Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors

• Strong understanding of adversary TTPs and frameworks like MITRE Telecommunication & CK and Cyber Kill Chain

• Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC

• Experienced in coordinating incident response efforts and communicating findings to stakeholders

• Committed to continuous improvement of SOC processes, playbooks, and detection capabilities

• Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity

Apply for job