Cherry Bekaert
Website:
cbh.com
Job details:
SOC Analyst responsible for front-line security monitoring, alert triage, and incident response within a 24/7 Security Operations Center operating in partnership with Expel MDR. Monitors and investigates security events across Microsoft Sentinel, Microsoft Defender XDR, Zscaler, and Proofpoint, escalating confirmed threats in accordance with established playbooks and runbooks.
Performs initial triage of Expel-escalated alerts, conducts log analysis using KQL in Sentinel, and executes containment and remediation actions under the direction of the SOC Manager. Contributes to detection tuning, documentation, and continuous improvement of SOC processes.
Reports to the SOC Manager within the Security and Governance domain, supporting the Firm’s security operations posture in a PE-backed professional services environment of approximately 3,500 users.
We are hiring a SOC Analyst (5+ years experience) to join our 24/7 Security Operations Center, focused on real-time threat monitoring, incident response, and security investigations.
In this role, you will work extensively with the Microsoft Security Stack (Sentinel, Defender XDR) along with tools like Zscaler and Proofpoint, while collaborating with our MDR partner (Expel) to detect and respond to cyber threats.
Key Highlights
- Hands-on role in incident response, alert triage, and threat hunting (KQL)
- Investigate and remediate security incidents across endpoint, identity, cloud, and email layers
- Execute containment actions (endpoint isolation, account disablement, blocking threats)
- Collaborate with security teams and contribute to improving SOC detection and response capabilities
- Work in a fast-paced 24/7 SOC environment supporting enterprise-scale operations
Ideal Candidate
- Strong experience with Microsoft Sentinel & Defender XDR
- Skilled in incident response, log analysis, and threat investigation
- Familiar with MITRE ATT&CK, MDR environments, and enterprise security tools
CERTIFICATION(S) REQUIRED:
CompTIA Security+, CompTIA CySA+, Microsoft SC-200, or GCIH preferred