Job Description
Kavaliro is looking for a Senior SOC Analyst to join their client on-site in Orlando, Florida. The role involves acting as a senior escalation point for cybersecurity alerts and incidents, providing expert guidance in threat intelligence, incident response, and security operations. Responsibilities include triaging security events, identifying and remediating threats, evaluating vulnerabilities, and participating in a rotating on-call schedule. The analyst will also mentor junior staff, lead threat hunting, develop forensic capabilities, support SOAR tools, create advanced SIEM queries, build use cases, incorporate threat intelligence, conduct forensic investigations, and develop operational playbooks and SOC metrics. Collaboration with other teams is essential to enhance the overall security posture.
Good To Have:
- At least two additional current certifications (e.g., CEH, GIAC, CCNA/CCNP, EnCE)
- Experience with forensic tools and investigation methodologies
- Develop and maintain forensic capabilities
- Support Security Orchestration, Automation and Response (SOAR) tools
- Evaluate existing security technologies
Must Have:
- Minimum 7+ years of experience in cybersecurity
- At least 4+ years focused on incident response
- Certified Information Systems Security Professional (CISSP)
- Proficient in SIEM platforms
- Deep knowledge of network and application security
- Hands-on experience with SOAR platforms
- Familiarity with MITRE ATT&CK
- Strong understanding of threat vectors
- Proficient in Linux, Windows, and command-line tools
- Strong scripting skills (Python, Bash, PowerShell, Perl)
- Ability to craft custom detections
Kavaliro is seeking an Sr SOC Analyst to support a client onsite in Orlando, FL.
ROLES AND RESPONSIBILITIES:
REQUIRED TECHNICAL SKILLS:
REQUIRED EDUCATION:
ROLES AND RESPONSIBILITIES:
-
Act as a senior escalation point for cybersecurity alerts, threats, and incidents.
-
Provide expert-level guidance in cybersecurity domains, including threat intelligence, incident response, and security operations.
-
Triage and assess security events to determine severity, validate incidents, and coordinate appropriate response efforts.
-
Identify and remediate active threats using log analysis, threat intelligence feeds, and advanced detection techniques.
-
Evaluate and respond to newly discovered vulnerabilities and attacker TTPs to improve detection and response measures.
-
Participate in a rotating on-call schedule to maintain 24/7 cybersecurity coverage.
-
Mentor and support less experienced SOC analysts, providing technical leadership and training.
-
Lead proactive threat hunting activities based on internal risk factors and external intelligence.
-
Develop and maintain forensic capabilities, tools, and procedures.
-
Support Security Orchestration, Automation and Response (SOAR) tools, including administration and use case development.
-
Create advanced search queries and detection content for SIEM platforms using scripting and custom logic.
-
Build and enhance use cases by integrating log sources and developing correlation rules.
-
Incorporate actionable threat intelligence into security platforms for proactive defense.
-
Conduct forensic investigations in support of internal investigations and incident response.
-
Translate adversary TTPs into indicators of compromise (IOCs) and detection logic.
-
Lead post-incident reviews, document findings, and recommend improvements to prevent recurrence.
-
Develop, refine, and maintain SOC metrics and operational playbooks.
-
Evaluate existing security technologies and identify improvements to strengthen overall security posture.
-
Collaborate across cybersecurity, infrastructure, and application teams to ensure cohesive defense strategies.
REQUIRED TECHNICAL SKILLS:
-
Minimum 7+ years of experience in cybersecurity, with at least 4+ years focused on incident response.
-
Certified Information Systems Security Professional (CISSP) required.
-
At least two additional current certifications (e.g., CEH, GIAC, CCNA/CCNP, EnCE).
-
Proficient in SIEM platforms and advanced event correlation analysis.
-
Deep knowledge of network and application security, forensics, threat detection, and vulnerability management.
-
Hands-on experience with SOAR platforms and automation pipelines.
-
Familiarity with MITRE ATT&CK and the Cyber Kill Chain frameworks.
-
Strong understanding of threat vectors such as DDoS, malware, phishing, port scans, and web attacks.
-
Practical knowledge of defensive strategies and countermeasures for common exploits and vulnerabilities.
-
Experience with forensic tools and investigation methodologies.
-
Proficient in Linux, Windows, and command-line tools for log and evidence analysis.
-
Strong scripting skills (Python, Bash, PowerShell, Perl).
-
Ability to craft custom detections using YARA rules, regex, and query languages.
REQUIRED EDUCATION:
-
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; or equivalent experience.
Kavaliro provides Equal Employment Opportunities to all employees and applicants. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Kavaliro is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Kavaliro will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please respond to this posting to connect with a company representative.
Set alerts for new jobs by Kavalirio
Set alerts for new jobs in United States
