Job Summary
At Nothreat, we are redefining modern cybersecurity through automation, AI, and real-time threat intelligence. As a Senior Cyber Security SOC Analyst, you’ll play a pivotal role in our Security Operations Center (SOC), leading advanced incident detection, triage, and response activities.
This position demands deep expertise in identifying and mitigating complex cyber threats in real time. You’ll be instrumental in coordinating major incident responses, mentoring junior analysts, and continuously evolving our detection and response capabilities. Your work will directly impact the resilience of our clients and the integrity of their environments.
In addition to reactive duties, you’ll proactively hunt for threats that bypass traditional detection systems and work closely with our threat intelligence, engineering, and product teams to enhance our cybersecurity posture.
Key Responsibilities
- Analyze and respond to high-priority alerts and incidents across diverse environments.
- Lead containment, eradication, and recovery efforts for critical incidents.
- Develop, test, and improve incident response playbooks and operational processes.
- Conduct post-incident reviews and root cause analyses to improve response posture.
- Actively participate in threat hunting initiatives using telemetry and behavior-based analysis.
- Improve detection use cases using indicators from threat intelligence and real-world attack techniques.
- Manage and tune SIEM rules, EDR/XDR detections, and anomaly-based alerts.
- Support forensic investigations including log and artifact analysis.
- Coach and mentor junior SOC analysts to develop team skillsets.
- Collaborate with cross-functional teams to implement secure practices and architecture improvements.
Candidate Profile
Education & Experience
- Bachelor’s degree in Cybersecurity, Computer Science, or related field—or equivalent experience.
- 4–6 years of cybersecurity experience, with at least 2 years in threat hunting or advanced incident response.
Preferred Certifications
- GIAC Certified Incident Handler (GCIH)
- Certified Ethical Hacker (CEH)
- Splunk Certified Security Analyst or Admin
- Certified Information Systems Security Professional (CISSP)
- MITRE ATT&CK Defender (MAD) or equivalent
- AWS/Azure Security certifications (a plus)
Technical Skills
- Strong command of SIEM platforms (e.g., Splunk, Sentinel, QRadar).
- Hands-on expertise with EDR and XDR platforms (e.g., CrowdStrike, SentinelOne).
- Deep familiarity with the MITRE ATT&CK framework and TTPs.
- Proficient in scripting (Python, PowerShell) for automation and investigation.
- Experience with forensic tools and cloud monitoring (AWS, Azure, or GCP).
- Understanding of malware behavior, packet capture analysis, and system-level threats.
Soft Skills
- Analytical mindset and detail-oriented approach to problem-solving.
- Strong written and verbal communication—able to convey technical details clearly.
- Able to work independently and as part of a distributed, fast-moving team.
- Willingness to participate in on-call rotation or handle critical escalations as needed.