Security Operations Center Analyst

Facilities and Business Operations:

The Facilities and Business Operations at UCF is dedicated to fostering a conducive educational environment for our faculty staff students and the broader community. We are committed to excellence providing unparalleled expertise and maintaining a world-class standard in service.

Please visit us at: Facebook and Instagram: UCF Facilities

The Opportunity:

The Information Technology department within Facilities and Business Operations is seeking to hire four (4) Security Operations Center (SOC) Analysts. The Security Operations Center (SOC) Analysts are critical to safeguarding the universitys academic research and administrative environments. SOC Analysts are responsible for monitoring detecting analyzing and responding to cybersecurity threats ensuring continuous protection of institutional assets through 24/7 operations. Leveraging both traditional and AI-driven security technologies this role strengthens the universitys overall cyber defense posture.

Classification Title: Information Security Professional III

Responsibilities:

• Monitor SIEM EDR IDS/IPS firewalls and other security tools for alerts and anomalies.

• Perform initial triage and validation of security alerts to identify potential incidents.

• Conduct deep analysis of events using multiple data sources (e.g. SIEM logs endpoint telemetry network traffic).

• Lead investigations involving advanced persistent threats (APTs) insider threats or multi-stage attacks.

• Perform root cause analysis and develop post-incident reports with tactical and strategic recommendations.

• Create and tune detection rules and automation workflows within SIEM and SOAR platforms.

• Monitor detect and analyze AI-driven attack techniques (e.g. prompt injection data poisoning model theft adversarial input attacks).

• Evaluate and deploy AI-based security capabilities (e.g. anomaly detection models LLM-based analysis tools) to enhance threat visibility.

Minimum Qualifications:

Bachelors degree and 4 years of relevant experience; or High School Diploma (or equivalent) and 8 years of relevant work experience in lieu of degree oran equivalent combination of education and experiencepursuant toFla. Stat. 112.219(6).

Preferred Qualifications:

We welcome candidates with any of the following experience:

• 5 years of operational cybersecurity experience including work in a Security Operations Center (SOC) incident response or similar security operations role.

• Hands-on experience with core SOC technologies including: SIEM platforms (e.g. Splunk QRadar Microsoft Sentinel) SOAR tools for automation and orchestration Endpoint detection and response (EDR) solutions Network IDS/IPS technologies and Firewall administration and enterprise log analysis.

• Experience developing and tuning detection capabilities including writing correlation rules alerts and automated workflows within SIEM and SOAR environments.

• Scripting proficiency (e.g. Python PowerShell Bash) for automation custom detections data parsing and enrichment.

• Knowledge of emerging AI-driven attack vectors including prompt injection adversarial machine learning techniques data poisoning and model extraction attacks.

• Experience deploying or tuning AI-based security capabilities such as anomaly detection models AI-assisted triage tools or LLM-driven threat analysis workflows.

• Demonstrated incident response expertise including triage advanced threat analysis containment root-cause analysis and post-incident reporting.

• Familiarity with digital forensics tools methodologies and evidence-handling (endpoint network or cloud forensics).

• Understanding of cloud security principles and monitoring within Azure Amazon Web Services (AWS) and/or Google Cloud environments including hybrid infrastructure.

• Strong analytical investigative and problem-solving skills with the ability to communicate technical findings clearly to both technical and non-technical audiences.

• Experience in higher-education or complex enterprise environments including research and administrative support data-security compliance frameworks (e.g. FERPA HIPAA NIST 800-171) and the unique network/security challenges of university settings.

• Relevant Industry-recognized certifications such as CompTIA Security CySA CEH GIAC Security Essentials (GSEC) or Certified SOC Analyst (CSA).

Special Instructions to the Applicants:

The Security Operations Center (SOC) is open 24 hours per day 7 days per week including holidays. The SOC staff will work a rotational shift model to support continuous security monitoring. The selected candidate will be required to work rotating shifts that include nights weekends and holidays.

Position requires a valid Class E drivers license. This position may involve driving to various locations on and off campus to conduct University business.

Applicant must be authorized to work for any U.S. employer as sponsorship is not available for this position now or in the future.

The anticipated salary range for this position is $89076 to $100000 The final salary will be determined based on the candidates qualifications experience and internal equity considerations

If you are selected as the final candidate for an employment opportunity both your position and salary will be significantly based upon the information that you have provided in your application for employment. We urge you to please take the time to complete the application in its entirety.

UCF is seeking to fill multiple roles. Candidates for this job posting will be considered for additional vacancies in this department.

Classification Title: Information Security Professional III

Department

Work Schedule

Type of Appointment

Expected Salary

Job Posting End Date

As a Florida public university the University of Central Florida makes all application materials and selection procedures available to the public upon request.

UCF is proud to be a smoke-free campus and an E-Verify employer.

If an accommodation due to a disability is needed to apply for this position please call or email .

For general application or posting questions please email .