Saliense

SOC/Incident Response Analyst

About Saliense

At Saliense, we are committed to fostering a culture of continuous learning and professional growth. Our employees are encouraged to take on challenging and meaningful work, with ample opportunities for career advancement. We offer competitive compensation and benefits, including:

  • 20 Days PTO + 40 Hours of Paid Sick & Safe Time
  • 11 Federal Holidays + 2 Corporate Holidays
  • Health, Vision, Dental, and Life Insurance
  • 401(k) with Tiered Match & 100% Vesting
  • Parental Leave for Birthing and Non-Birthing Parents
  • Professional Development Reimbursement Program

We believe in empowering our team members to achieve their professional goals while contributing to impactful projects that make a difference. Join us at Saliense and be part of a growing organization dedicated to innovation, collaboration, and excellence. Visit www.saliense.com to learn more.

There are many more benefits; connect with us to get a preview of the full package.

Position Description

The SOC Analyst serves as a critical member of the Security Operations Center (SOC), responsible for monitoring, investigating, responding to, and mitigating cybersecurity threats across the enterprise. Depending on experience and skill level, the analyst may perform Tier 1 alert monitoring and triage, Tier 2 incident investigation and response, and Tier 3 advanced threat hunting, detection engineering, and cyber defense leadership activities.

The analyst monitors and analyzes security events generated by a variety of security technologies, including Security Information and Event Management (SIEM) platforms, Endpoint Detection and Response (EDR) solutions, network security monitoring tools, cloud security platforms, email security systems, identity management systems, and threat intelligence feeds. Responsibilities include identifying suspicious activity, validating potential threats, investigating security incidents, determining scope and impact, and coordinating response efforts.

The SOC Analyst conducts investigations across endpoints, networks, cloud environments, and identity platforms to identify indicators of compromise, malicious activity, policy violations, and emerging threats. The position supports incident response activities through evidence collection, log analysis, threat intelligence correlation, malware triage, forensic review, and root cause analysis.

More experienced analysts may lead complex investigations involving ransomware, advanced persistent threats (APTs), insider threats, cloud compromises, and sophisticated attack campaigns. Senior-level analysts also contribute to detection engineering initiatives by developing and refining detection logic, improving alert fidelity, creating use cases, enhancing SOC processes, and mentoring junior analysts.

The role requires strong analytical skills, attention to detail, effective communication, and the ability to make informed decisions in a fast-paced operational environment. Analysts are expected to stay current with evolving cyber threats, attacker tactics, techniques, and procedures (TTPs), and emerging security technologies.

Key Responsibilities

  • Monitor, triage, investigate, and respond to security alerts and events.
  • Analyze security data from SIEM, EDR, network, cloud, email, and identity security platforms.
  • Identify indicators of compromise, suspicious activity, and potential security incidents.
  • Perform incident investigation, containment, eradication, and recovery activities as appropriate.
  • Correlate threat intelligence, log data, and security telemetry to determine incident scope and impact.
  • Conduct threat hunting activities to proactively identify malicious activity.
  • Perform malware analysis, forensic review, and digital evidence collection.
  • Document investigations, findings, and response actions in accordance with established procedures.
  • Escalate incidents when necessary and provide technical guidance during investigations.
  • Develop and improve detection content, alerting rules, and security monitoring capabilities.
  • Support continuous improvement initiatives for SOC operations and incident response processes.
  • Collaborate with security engineers, incident responders, system administrators, and business stakeholders during security events.
  • Mentor junior analysts and contribute to team knowledge sharing and development.

Required Skills and Qualifications

  • Strong understanding of cybersecurity principles, security operations, and incident response methodologies.
  • Knowledge of networking concepts including TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, and network protocols.
  • Experience with Windows, Linux, Active Directory, cloud environments, and identity management systems.
  • Experience using SIEM platforms, EDR solutions, threat intelligence platforms, and security monitoring tools.
  • Knowledge of common attack techniques, malware behavior, phishing campaigns, credential theft, ransomware, insider threats, and cloud-based attacks.
  • Understanding of threat detection methodologies, threat hunting, and incident management processes.
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat intelligence frameworks.
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent written and verbal communication skills with the ability to clearly document investigations and present findings.
  • Ability to work effectively in a 24x7 operational environment and manage multiple investigations simultaneously.
  • Demonstrated commitment to continuous learning and professional development.

Preferred Certifications

One or more of the following certifications are preferred:

  • CompTIA Security+
  • CompTIA CySA+
  • CompTIA CASP+
  • SSCP
  • GSEC
  • GCIA
  • GCIH
  • GCED
  • CISSP
  • GCFA
  • GREM
  • GCTI

Equivalent cybersecurity certifications and relevant experience will also be considered.

Client Services

Remote (United States)
