We are seeking a highly technical and leadership-oriented Principal SOC Analyst to serve as the senior technical authority within our 24x7 Security Operations Center. This is not just a monitoring role; you will be the architect of our detection strategy, the lead for complex incident response, and a key mentor to our L1-L3 analysts.
If you are passionate about threat hunting, automating away the "noise," and engaging with stakeholders to translate technical threats into business insights, this is the career-defining move for you.
Key Responsibilities
- SOC Strategy & Operations: Oversee daily operations to ensure elite-level detection, triage, and response. You will refine SOC KPIs and SLAs to drive operational excellence.
- Advanced Threat Handling: Lead complex investigations and containment strategies. You will develop hunting hypotheses and map adversary behavior using the MITRE ATT&CK framework.
- Continuous Improvement: Drive the optimization of detection content, SOPs, and playbooks. You will identify gaps in service delivery and implement automation (SOAR) to uplift maturity.
- Stakeholder Engagement: Act as the primary technical escalation point for customers and executives. You will lead service reviews and translate complex findings into clear, actionable business insights.
- Mentorship: Foster a culture of continuous learning by coaching analysts across all levels, leading tabletop exercises, and driving internal knowledge-sharing.
Requirements
- Experience: 5-8 years of hands-on experience in Security Operations (SOC), Incident Response (IR), or Threat Detection.
- Technical Depth: Expert-level knowledge of SIEM, EDR, and SOAR platforms.
- Adversary Tradecraft: Strong understanding of adversary TTPs, threat hunting, and alert tuning to reduce alert fatigue.
- Leadership: Proven ability to lead investigations and drive outcomes with clarity, especially during high-pressure incidents.
- Communication: Exceptional ability to engage with stakeholders and present performance dashboards that build confidence.
Certifications
- GCIH or CompTIA CySA+
- Microsoft Security Operations Analyst (SC-200)
- Cloud Security or dedicated Threat Hunting certifications.
To Apply: Please submit your resume and a brief cover letter outlining your experience leading SOC maturity initiatives.
Contact Ref: Gary M
