Security Operations Center Analyst/Apprentice

United States

Applications have closed
The Security Operations Center Analyst (SOC Analyst or Apprentice) is responsible for the day-to-day monitoring of client activity within the Security Operations Center (the Apprentice is under the guidance of other analysts & interfaces with other analysts but is reviewing live activity or simulations in labs or provided specific training scenarios).

The SOC Analyst will interface with internal management, customers, employees, and consultants, across multiple clients and industries, to perform the required technical monitoring activities. More advanced analysts will also be responsible for vulnerability scanning, penetration testing, and creating reports.

What we're looking for:

  • Prior experience or education in a variety of technologies pr programs (SIEMs, EDRs, FWs, Windows, Linux, VMs, Cisco, Juniper, IDS/IPS, DLP, Barracuda, Blue Talon, Apigee, AV, MW, RW, Proxy Servers, SQL, Oracle, C++/C+, Python etc.), and be well versed in the current state of Information Security Topics, be able to recognize network, operating system, and intrusion detection details.
  • Analyst level is determined based on experience, proficiency and education.

Essential Functions (All Levels)

  • Knowledge of basic business applications; i.e. MS Word, Excel, Outlook, Google/Firefox browsers & security of browser
  • Knowledge of network, desktop and server technologies
  • Strong verbal and written communication skills
  • Exhibits professionalism through dress, camera readiness presence and conversation
  • Monitor, analyze, and investigate security events in accordance with proficiency level (Apprentice/I/II/III)
  • Conduct Information Security research and provide action and response
  • Create and Modify collateral, with guidance, to reflect lessons learned and discovered information
  • Other duties as assigned by management

Proficiency Level - SOC Analyst I: Triage

  • Monitor, identify and triage alerts to determine severity and response requirement
  • Ability to perform basic malware analysis, virus exploitation and mitigation techniques
  • Create and manage tickets for alerts to be reviewed by a Level II or above; workshop response for learning and growth
  • Schedule and perform vulnerability scans and prepare initial reports as directed
  • Demonstrate working knowledge of appropriate software programs used; i.e. monitoring, investigating, and reporting
  • Develop understanding of Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
  • Prove proficiency at handling first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches
  • Stay up-to-date on information technology trends and security standards

Proficiency Level - SOC Analyst II: Responder

  • Have completed training and obtained required certifications as directed by management and Partner
  • Demonstrate the ability to perform advanced malware analysis, virus exploitation and mitigation techniques
  • Starting to demonstrate technical knowledge in a specialty process/function
  • Create and manage tickets for alerts to be reviewed by a Level III or above; workshop response for learning and growth
  • Review and respond to tickets created by Level I analysts
  • Point of escalation and mentoring for Level I analysts for growth
  • Configure and manage security monitoring tools
  • Demonstrates a solid understanding of network, desktop and server technologies
  • Proven experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
  • Use threat intelligence to determine the affected systems and scope
  • Consistently demonstrate the ability to identify, triage, and correlate individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalating as a security incident
  • Research security enhancements and make recommendations to management
  • General understanding of client businesses and educates self on technical issues related to the clients’ industry

Proficiency Level - SOC Analyst III: Hunter

  • Demonstrates advanced knowledge with respect to appropriate software programs used by ITSA
  • Performs complex technical research and prepares conclusions for presentation to management and Partner
  • Demonstrates a thorough understanding of network, desktop and server technologies
  • Proven experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
  • Able to deploy, configure and monitor Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firms Managed Security Services Provider (MSSP) services
  • Able to work with project lead to implement/manage technical solutions that support internal ITSA processes
  • Independently investigate security breaches and other cyber security incidents and mentor L1/L2 analysts where needed
  • Conduct penetration and other testing as required and requested by management
  • Recommend how to optimize existing tools and recommend improvements to efficiency and effectiveness
  • Demonstrates the ability to productively work with staff and clients in the engagement and manage/complete the day to day responsibilities in the engagement
  • Understands how client business operates and can identify and suggest resolutions for technical issues
  • Ability to inspire client confidence through knowledge, quality of work, and project management
  • Exhibits leadership qualities by communicating with confidence, welcoming feedback and demonstrating professionalism, i.e. positive attitude, good judgment, poise, professional attire and demeanor
  • Takes on additional responsibilities and takes charge of the team to complete the engagement and necessary assignments
  • Is Credible. The staff and clients have confidence in their leadership abilities; perceived as a highly trusted individual
  • Mentor Level II/III for growth.
Wondering if you should apply?

At BPM we are people who value people. We are progressive and purposeful. We are a firm with flexibility. Our
shared entrepreneurial spirit drives us to see and do things differently. And our passion for people makes BPM a place where everyone feels welcome, valued, and part of something bigger.


BPM provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.

Please note - this posting is for prospective candidates only. Unsolicited third-party resume submissions will be considered property of BPM and will not be acknowledged or returned.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: C IDS Intrusion detection IPS Linux Malware Monitoring Oracle Pentesting Python SIEM SOC SQL Threat intelligence Vulnerability scans Windows

Perks/benefits: Career development Team events

Region: North America
Country: United States
Job stats:  181  87  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.