Note: The job is a remote job and is open to candidates in USA. Authentic8 is a company that transforms how organizations conduct digital investigations through their cloud-native platform. They are seeking a SOC Security Analyst to monitor and respond to security detections, develop SIEM use cases, and provide operational support within the Security & Compliance team.
Responsibilities
- Monitor, investigate, and respond to security detections across the SIEM, driving alerts to resolution
- Develop, tune, and maintain SIEM use cases and correlation rules to improve detection coverage
- Build and deliver operational reports and dashboards from available SIEM log source data
- Identify, assess, and escalate high-impact events from multiple data sources to senior staff and stakeholders following established procedures
- Intake, triage, and respond to security reports (phishing, suspicious activity, etc.), escalating as necessary
- Own the lifecycle of security tickets in the case management system, ensuring accurate documentation, timely updates, and proper closure
- Support proactive investigations and threat hunting as directed
- Provide day-to-day SOC operational support and coverage, communicating findings and relevant event details clearly to team members and stakeholders
- Draft and update SOC and Authentic8 documentation, runbooks, standards, and procedures
- Work with system and application owners to remediate discovered security vulnerabilities
- Ability to collaborate effectively in a dynamic team environment
Skills
- 2+ years of experience in security operations, incident response, or a related security discipline (SOC analyst experience strongly preferred)
- Hands-on SIEM experience - investigating alerts, building and tuning use cases and correlation rules, and generating reports (e.g., Splunk, Microsoft Sentinel, Elastic, QRadar, or similar)
- Demonstrated experience with phishing analysis and email security response
- Proven ability to triage and escalate security incidents independently using documented playbooks
- Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and operating systems (Windows and Linux)
- Experience with case/ticket management and clear, audit-ready documentation
- Strong written and verbal communication skills, with the ability to convey findings to both technical and non-technical audiences
- Ability to work independently with minimal oversight in a structured operations environment
- Must be able to pass a background investigation in accordance with company policy
- Must be a US Citizen
- Security certifications such as CySA+, GCIH, GCIA, Security+, or Blue Team Level 1 (BTL1)
- Experience with EDR platforms, IDS/IPS, and vulnerability scanners
- Scripting ability for automation and enrichment (Python, PowerShell, Bash)
- Experience with SOAR platforms or automated response workflows
- Exposure to threat intelligence and IOC-driven threat hunting methodologies
Company Overview