- Company Name: Paul Hastings
- Job Title: Security Operations Center (SOC) Analyst
- Job Description:
**Job title**
Security Operations Center (SOC) Analyst
**Role summary**
First‑line analyst for the Information Security team, operating on the second shift (03:00 pm–12:00 am ET, Monday–Friday). Responsible for real‑time threat hunting, detection triage, incident response, and routine security maintenance while collaborating with engineering, IT, and business stakeholders to maintain organizational security posture and ensure compliance.
**Expectations**
- Work a fixed second‑shift schedule and participate in an on‑call rotation.
- Exercise independent judgment and critical thinking to assess and remediate security events.
- Communicate complex security concepts clearly to technical and non‑technical audiences.
- Maintain accurate, up‑to‑date documentation and knowledge base.
**Key responsibilities**
- Continuously monitor security tools (VPN, email security, endpoint protection, firewalls, web filtering, IAM, vulnerability management) for indicators of compromise and data exfiltration.
- Triage and remediate security detections; determine when to escalate events to Tier 2/3 teams.
- Support Tier 2/3 analysts by implementing changes, performing maintenance, and providing incident context.
- Re‑prioritize, track, and close tickets through the organization’s ticketing system.
- Create and maintain security documentation, runbooks, and procedures.
- Liaise with IT, engineering, and business units to coordinate threat mitigation and system hardening initiatives.
- Participate in post‑incident reviews, root‑cause analyses, and continuous improvement activities.
**Required skills**
- 2+ years’ experience in cybersecurity operations, IT support, or a related field.
- Strong analytical and troubleshooting skills across security domains.
- Proficient in the use of SIEM, SOAR, and endpoint/detection tools.
- Excellent written and verbal communication; ability to translate technical security findings into business terms.
- Deep understanding of security principles: least‑privilege access, firewall and web‑filtering management, vulnerability and risk assessments, identity & access management.
- Critical thinking and decisive action under pressure.
**Required education & certifications**
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related discipline.
- Intermediate to expert level cybersecurity operations certifications, such as:
  - ISC² CISSP
  - Palo Alto Networks PCNSE
  - CompTIA Security+
  - ISC² CC (CompTIA Cybersecurity Analyst)
- Demonstrated knowledge of security protocols, risk management, and incident response frameworks.