{"id":915,"date":"2025-12-25T05:53:40","date_gmt":"2025-12-25T05:53:40","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=915"},"modified":"2025-12-25T05:53:44","modified_gmt":"2025-12-25T05:53:44","slug":"soc-mid-level-analyst-ecs-remote-tri-state","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/soc-mid-level-analyst-ecs-remote-tri-state\/","title":{"rendered":"SOC Mid-Level Analyst \u2013 ECS (Remote\/Tri-State)"},"content":{"rendered":"\n<p>This is a <strong>Remote (Work from Home)<\/strong> position, but with a specific residency requirement: candidates must live in the <strong>NY\/NJ\/CT tri-state area<\/strong> for occasional onsite client visits. This role is designed for an experienced analyst who has worked in a mature 24x7x365 environment and is ready to move beyond basic monitoring into process development and automation.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Requisition ID:<\/strong> #2976<\/li>\n\n\n\n<li><strong>Salary Range:<\/strong> $120,000 &#8211; $145,000<\/li>\n\n\n\n<li><strong>Shift Schedule:<\/strong> Friday &#8211; Monday, 7:00 AM &#8211; 5:00 PM ET (4&#215;10 shift).<\/li>\n\n\n\n<li><strong>Location:<\/strong> Remote (Residing in NY, NJ, or CT).<\/li>\n\n\n\n<li><strong>Core Technology:<\/strong> SIEM, SOAR, EDR, and Threat Intel feeds (US-CERT, MS-ISAC).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Key Responsibilities: Monitoring, Hunting, and Automation<\/h2>\n\n\n\n<p>As a Mid-Level Analyst, you act as a technical leader within the shift, handling complex escalations and improving the SOC&#8217;s underlying logic.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Continuous Monitoring &amp; Incident Handling<\/h3>\n\n\n\n<p>You will monitor the SIEM alert queue, phishing inboxes, and intelligence feeds to identify intrusions. 
When a critical incident occurs, you are responsible for executing <strong>containment, remediation, and recovery<\/strong> activities. Following an incident, you will lead the &#8220;Lessons Learned&#8221; review to identify control failures or outdated procedures.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Detection Engineering &amp; SOAR Tuning<\/h3>\n\n\n\n<p>A primary focus of this role is improving <strong>alert fidelity<\/strong>. You will coordinate with SIEM engineers to tune rules and reduce false positives. Furthermore, you will assist in creating and refining <strong>Security Orchestration, Automation, and Response (SOAR)<\/strong> playbooks, transforming manual investigative steps into automated workflows to speed up response times.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Proactive Threat Hunting<\/h3>\n\n\n\n<p>You won&#8217;t just wait for alerts. You will perform proactive threat hunting to find emerging risks that automated systems might miss. 
Working closely with <strong>Cyber Threat Intel<\/strong>, you will analyze detection patterns and compile detailed hunt reports for SOC leadership, often mapping these findings to the <strong>MITRE ATT&amp;CK Framework<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Required Qualifications and Skills<\/h2>\n\n\n\n<p>ECS is looking for a critical thinker who understands the nuances of log correlation and intrusion analysis.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Experience:<\/strong> Minimum <strong>3 years<\/strong> of experience in log analysis, intrusion detection, or info-sec operations.<\/li>\n\n\n\n<li><strong>Technical Skills:<\/strong> Ability to build custom content in a SIEM and triage <strong>Indicators of Compromise (IoC)<\/strong>.<\/li>\n\n\n\n<li><strong>Education:<\/strong> Bachelor\u2019s degree or equivalent experience.<\/li>\n\n\n\n<li><strong>Environment:<\/strong> Proven experience working in a mature, high-volume 24&#215;7 SOC.<\/li>\n\n\n\n<li><strong>Certifications (Preferred):<\/strong> CISSP, CEH, CISA, Security+, or CHFI.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Summary of Role Impact<\/h2>\n\n\n\n<p>The &#8220;Mid-Level&#8221; designation at ECS signifies that you are the engine of the SOC&#8217;s continuous improvement. By bridging the gap between raw monitoring and advanced automation, you ensure that the client&#8217;s infrastructure\u2014both on-premises and in the cloud\u2014is protected by high-fidelity detections. Your ability to work the Friday-to-Monday &#8220;bridge&#8221; shift is vital for maintaining security posture during high-risk weekend windows when many enterprise teams are offline.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a Remote (Work from Home) position, but with a specific residency requirement: candidates must live in the NY\/NJ\/CT tri-state area for occasional onsite client visits. 
This role is designed for an experienced analyst who has worked in a mature 24x7x365 environment and is ready to move beyond basic monitoring into process development and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[648,364,44],"jobpost_job_type":[39],"jobpost_location":[1194,469],"jobpost_tag":[2231,1315,1261,1938,4144,81,1250,3960,3888,3178],"class_list":["post-915","jobpost","type-jobpost","status-publish","hentry","jobpost_category-information-technology","jobpost_category-operations-management","jobpost_category-security","jobpost_job_type-remote","jobpost_location-montvale-nj","jobpost_location-new-york-ny","jobpost_tag-cissp","jobpost_tag-ecs","jobpost_tag-incident-response","jobpost_tag-mitre-attck","jobpost_tag-ny-nj-ct","jobpost_tag-remote","jobpost_tag-siem","jobpost_tag-soar","jobpost_tag-soc-analyst","jobpost_tag-threat-hunting"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/915","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=915"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=915"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=915"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=915"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jo
bpost_tag?post=915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}