SOC Analyst - Contract - Candidate is local to Columbia, SC
SOC Analyst
Location:Remote
Interview Process:1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration: 12 Months
Employment Type: Contract
Experience Required: 10+ Years
Candidate Location: Candidate is local to Columbia, SC or surrounding city in South Carolina
Project Scope:
Seeking an experienced Tier 2 SOC Analyst to support enterprise security monitoring, threat detection, incident response, and security investigations. This role focuses on analyzing complex security events, coordinating incident response activities, and improving SOC detection and response capabilities across a centralized security operations environment.
The analyst will also engage with internal teams and state agencies to enhance adoption and effectiveness of enterprise security services.
Key Responsibilities:
· Monitor, analyze, and correlate security events across:
SIEM platforms
EDR/XDR solutions
IDS/IPS systems
Threat intelligence feeds
· Investigate and validate security incidents, determine root cause, assess impact, and escalate critical issues to Tier 3 with full technical context.
· Perform deep-dive analysis of suspicious activity including malware, phishing, and policy violations.
· Conduct incident response activities including containment, eradication, and recovery support.
· Develop detailed incident reports, timelines, post-incident summaries, and lessons-learned documentation.
· Recommend improvements to SOC playbooks, detection rules, correlation logic, and alert tuning to reduce false positives and improve coverage.
· Perform proactive threat hunting using MITRE ATT&CK framework, TTP-based analysis, and threat intelligence data.
· Collaborate with engineering teams to tune and optimize security tools and monitoring platforms.
· Integrate and operationalize new threat intelligence feeds into SOC workflows.
· Support dashboard creation, reporting, and SOC performance metrics.
· Serve as a subject matter expert (SME) interacting with stakeholders and promoting SOC service capabilities.
· Document SOC processes, runbooks, incident handling procedures, and troubleshooting guides.
· Coordinate with SOC teams, engineering teams, and agency stakeholders to ensure effective security operations.
Required Skills & Experience:
· 2+ years of hands-on experience in:
Security monitoring and incident response
Strong experience in SOC operations and security event analysis
· 2+ years of experience working with:
MITRE ATT&CK framework
Threat detection techniques and attack mapping
· Experience in:
Dashboard creation and security reporting
Log analysis and correlation across security tools
· Strong understanding of:
SIEM platforms
EDR/XDR tools
IDS/IPS systems
Threat intelligence platforms
· Experience in incident investigation, escalation, and root cause analysis
· Strong knowledge of cybersecurity principles and SOC workflows
Preferred Skills:
· Hands-on experience with Palo Alto Cortex:
XSIAM / XDR platform
· Knowledge of:
Linux administration
Network administration and network architecture
· Experience with:
Firewalls
VPN technologies
Active Directory
IDS/IPS systems
· Experience in SOC automation, detection tuning, and threat hunting
· Strong analytical and communication skills for stakeholder interaction
Education & Certifications:
· Bachelor’s degree in IT, Cybersecurity, or related field
· CISSP / CISA / equivalent advanced security certifications
· CEH / OSCP / GPEN or similar offensive security certifications
· Vendor-specific security certifications (SIEM, XDR, firewall, etc.)
Remote
About the Company:
SUNSHINE ENTERPRISE USA LLC
Location:Remote
Interview Process:1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration: 12 Months
Employment Type: Contract
Experience Required: 10+ Years
Candidate Location: Candidate is local to Columbia, SC or surrounding city in South Carolina
Project Scope:
Seeking an experienced Tier 2 SOC Analyst to support enterprise security monitoring, threat detection, incident response, and security investigations. This role focuses on analyzing complex security events, coordinating incident response activities, and improving SOC detection and response capabilities across a centralized security operations environment.
The analyst will also engage with internal teams and state agencies to enhance adoption and effectiveness of enterprise security services.
Key Responsibilities:
· Monitor, analyze, and correlate security events across:
SIEM platforms
EDR/XDR solutions
IDS/IPS systems
Threat intelligence feeds
· Investigate and validate security incidents, determine root cause, assess impact, and escalate critical issues to Tier 3 with full technical context.
· Perform deep-dive analysis of suspicious activity including malware, phishing, and policy violations.
· Conduct incident response activities including containment, eradication, and recovery support.
· Develop detailed incident reports, timelines, post-incident summaries, and lessons-learned documentation.
· Recommend improvements to SOC playbooks, detection rules, correlation logic, and alert tuning to reduce false positives and improve coverage.
· Perform proactive threat hunting using MITRE ATT&CK framework, TTP-based analysis, and threat intelligence data.
· Collaborate with engineering teams to tune and optimize security tools and monitoring platforms.
· Integrate and operationalize new threat intelligence feeds into SOC workflows.
· Support dashboard creation, reporting, and SOC performance metrics.
· Serve as a subject matter expert (SME) interacting with stakeholders and promoting SOC service capabilities.
· Document SOC processes, runbooks, incident handling procedures, and troubleshooting guides.
· Coordinate with SOC teams, engineering teams, and agency stakeholders to ensure effective security operations.
Required Skills & Experience:
· 2+ years of hands-on experience in:
Security monitoring and incident response
Strong experience in SOC operations and security event analysis
· 2+ years of experience working with:
MITRE ATT&CK framework
Threat detection techniques and attack mapping
· Experience in:
Dashboard creation and security reporting
Log analysis and correlation across security tools
· Strong understanding of:
SIEM platforms
EDR/XDR tools
IDS/IPS systems
Threat intelligence platforms
· Experience in incident investigation, escalation, and root cause analysis
· Strong knowledge of cybersecurity principles and SOC workflows
Preferred Skills:
· Hands-on experience with Palo Alto Cortex:
XSIAM / XDR platform
· Knowledge of:
Linux administration
Network administration and network architecture
· Experience with:
Firewalls
VPN technologies
Active Directory
IDS/IPS systems
· Experience in SOC automation, detection tuning, and threat hunting
· Strong analytical and communication skills for stakeholder interaction
Education & Certifications:
· Bachelor’s degree in IT, Cybersecurity, or related field
· CISSP / CISA / equivalent advanced security certifications
· CEH / OSCP / GPEN or similar offensive security certifications
· Vendor-specific security certifications (SIEM, XDR, firewall, etc.)
Remote
About the Company:
SUNSHINE ENTERPRISE USA LLC