SOC Analyst

Job Description: SOC Analyst

Role: Security Operations Center (SOC) Analyst
Experience: 5 8 Years

Role Overview

Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff. This role focuses on real-time monitoring triage and response to security alerts across endpoint protection phishing incidents and email security tools.

Primary responsibility includes working with:

• SentinelOne (EDR/XDR alerts)
• Microsoft Defender (Email Endpoint Identity alerts)
• Phishing reports from end-users

Key Responsibilities

1. Security Alert Monitoring & Triage

• Monitor and triage alerts from:
  • SentinelOne (malware suspicious activity behavioral alerts)
  • Microsoft Defender (Defender for Endpoint Defender for Office 365)
• Perform initial investigation and classification:
  • True Positive / False Positive
  • Severity and impact assessment
• Escalate complex incidents to internal teams

2. Phishing Incident Response

• Analyze phishing reports submitted by users:
  • Email headers URLs attachments
• Take appropriate response actions:
  • Block sender/domain
  • Quarantine emails
  • Trigger user awareness notifications
• Coordinate with email security policies in Defender

3. Incident Response

Focus

• Alert triage and ticket creation
• Basic containment actions (isolate endpoint block indicators)
• Run predefined playbooks
• Deep-dive investigation of incidents
• Endpoint forensics (via SentinelOne)
• Correlate alerts across tools
• Execute remediation actions (kill processes isolate machines)

4. Ticketing & Documentation

• Create and update incident tickets (ServiceNow/JIRA or equivalent)
• Maintain clear investigation notes and evidence
• Ensure SLA adherence for response and resolution

5. Threat Detection & Improvement

• Identify recurring patterns and suggest tuning
• Reduce false positives via rule optimization
• Contribute to improving SOC playbooks and runbooks

Required Skills & Qualifications

Core Technical Skills

• Hands-on experience with:
  • SentinelOne (EDR/XDR investigation)
  • Microsoft Defender (Endpoint Email Security)
• Strong understanding of:
  • Phishing detection and analysis
  • Malware behavior and indicators of compromise (IOCs)
  • Email security (SPF DKIM DMARC basics)
• Familiarity with SIEM/SOAR tools (nice to have)

Preferred Skills

• Experience with:
  • Microsoft Defender for Office 365
  • Threat Intelligence platforms
• Basic scripting (PowerShell/Python) for investigation
• Understanding of MITRE ATT&CK framework

Soft Skills

• Strong analytical thinking
• Clear communication (written & verbal)
• Ability to work in fast-paced SOC environment
• High attention to detail

Certifications (Preferred)

• Security
• CySA / CEH
• Microsoft Security Operations Analyst (SC-200)

Note: Momento USA is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex pregnancy sexual orientation gender identity national origin age protected veteran status or disability status.