Senior SOC Analyst / Threat Hunter
United States, California, Irvine
Position: Senior SOC Analyst / Threat Hunter
Work Location: Irvine, CA (Onsite)
Hours: Mon-Fri, 7:00 AM - 4:00 PM or 11:00 AM - 8:00 PM (Standard Time); Mon-Fri, 8:00 AM - 5:00 PM or 12:00 PM - 9:00 PM (Daylight Saving Time)
Overview:
A leading global provider of cybersecurity solutions and services is seeking a highly skilled and experienced Senior SOC Analyst with a strong focus on Threat Hunting to join its Security Operations Center. In this pivotal role, you will be responsible for proactively searching for, identifying, and responding to sophisticated threats that evade traditional security controls. You will leverage advanced analytical techniques, threat intelligence, and a deep understanding of attacker methodologies to uncover hidden adversaries and strengthen the organization's overall security posture. This is an opportunity for an individual who thrives on solving complex security problems and is committed to staying ahead of emerging threats.
Essential Duties and Responsibilities include but are not limited to:
* Perform real-time monitoring and in-depth analysis of security events and alerts generated from SIEM (Security Information and Event Management) and other security tools.
* Investigate and respond to security incidents, ensuring timely containment, eradication, and recovery.
* Correlate security events from various sources to identify potential threats, vulnerabilities, and malicious activities.
* Proactively perform advanced threat-hunting activities to discover undetected threats, anomalous behaviors, and sophisticated attack techniques within the environment.
* Utilize a variety of advanced threat-hunting techniques, including hypothesis-driven hunting, indicator-driven hunting, and behavioral anomaly detection.
* Leverage threat intelligence and adversary knowledge bases (e.g., the MITRE ATT&CK framework, industry reports, dark web monitoring) to inform and guide threat-hunting efforts.
* Employ specialized tools and platforms to conduct deep dives into network traffic, endpoint logs, and system artifacts.
* Develop and implement new SIEM rules, correlation searches, and detection logic to enhance the SOC's ability to identify and respond to threats discovered during threat-hunting exercises.
* Collaborate with other security teams (e.g., GRC, Engineering) to integrate new detection capabilities and improve overall security posture.
* Contribute to the continuous improvement of security monitoring processes and playbooks.
* Act as the primary subject matter expert (SME) for our Endpoint Detection and Response (EDR) platform(s).
* Utilize EDR capabilities for advanced incident investigation, forensic analysis, and proactive threat hunting.
* Provide guidance and training to junior analysts on EDR functionalities and best practices.
* Collaborate with EDR vendors and internal teams to optimize EDR configuration and maximize its effectiveness.
* Collaborate closely with incident response, vulnerability management, and other cybersecurity teams.
* Document findings, create clear and concise reports, and present technical information to both technical and non-technical audiences.
* Stay current with emerging threats, attack techniques, and security technologies.
Qualifications:
* Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. (Relevant work experience may be considered in lieu of a degree).
* Minimum of 4 years of experience in a Security Operations Center (SOC) or similar cybersecurity role.
* Proven experience in threat hunting, security event analysis, and incident response.
* Demonstrable expertise with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel (formerly Azure Sentinel), Elastic Stack), including rule creation, log analysis, and dashboarding.
* Strong practical experience with Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Carbon Black).
* In-depth understanding of common attack vectors, security vulnerabilities, and defensive strategies.
* Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
* Familiarity with cloud security concepts and platforms (AWS, Azure, GCP) is highly desirable.
* Knowledge of network protocols, operating systems (Windows, Linux, macOS), and enterprise architectures.
* Understanding of MITRE ATT&CK framework and its application in threat hunting and detection.
* Experience with forensic tools and techniques.
* Excellent analytical and problem-solving skills with a keen eye for detail.
* Strong communication and interpersonal skills, with the ability to work effectively in a team environment.
* Ability to work independently and manage multiple priorities in a fast-paced environment.
* Strong desire for continuous learning and professional development.
* Relevant industry certifications such as CISSP (Certified Information Systems Security Professional) or a GIAC (Global Information Assurance Certification) certification at the 500 series or above (required).
* Certifications such as MCSE (Microsoft Certified Solutions Expert), MCP (Microsoft Certified Professional), CCNA (Cisco Certified Network Associate), and Security+ (CompTIA Security+) (preferred).
Compensation and Benefits:
The base pay range above represents the low and high end of the base compensation range we reasonably expect to pay for this position. Actual base compensation will vary and may be above or below the range based on various factors including, but not limited to, geographic location, actual experience, and job performance. This job posting is not a promise of any specific pay for any specific employee. The range listed is just one component of the total compensation package for our employees. Based on the details of your position, we provide a variety of benefits to our employees, including medical, dental, and vision plans, pre-tax savings plans, pre-tax parking and commuter plans, supplemental health and welfare plans, a retirement savings plan, an employee assistance program, pet insurance, and paid holidays. Other rewards may include short-term incentives and paid time off.
About Staffmark:
Staffmark is committed to providing equal employment opportunity for all persons regardless of race, color, religion (including religious dress and grooming practices), sex, sexual orientation, gender, gender identity, gender expression, age, marital status, national origin, ancestry, citizenship status, pregnancy, medical condition, genetic information, mental and physical disability, political affiliation, union membership, status as a parent, military or veteran status, or other non-merit based factors. We will provide reasonable accommodations throughout the application, interviewing, and employment process. If you require a reasonable accommodation, contact your local branch.
Staffmark is an E-Verify employer. This policy is applicable to all phases of the employment relationship, including hiring, transfers, promotions, training, terminations, working conditions, compensation, benefits, and other terms and conditions of employment. All employees are directed to familiarize themselves with this policy and to act in accordance with it. All decisions with respect to employment matters and other phases of employer-temporary employee relationships will be in keeping with this policy and in accordance with all applicable laws and regulations.