SOC Analyst I

Job Summary: SOC Analyst I at CBIZ

As a Tier I Security Operations Center (SOC) Analyst at CBIZ, you will be instrumental in our cybersecurity operations. Your responsibilities will include receiving and triaging security alerts, performing threat hunts, monitoring security tools, analyzing logs, and managing client communication.

This role involves maintaining ticket queues, escalating security incidents, and proactively monitoring for threats. This is a part-time position with variable shifts, primarily outside standard business hours, ensuring optimal 24x7 SOC coverage.

Schedule

Part Time – Up to 24 hours per 7-day work week (Sunday-Saturday). Shifts may vary based on client needs and coverage requirements as dictated by management.

Essential Functions And Primary Duties

• Client Communication: Monitor and respond to clients through all supported email, messaging, and phone platforms.
• Dashboard Monitoring: Proactively monitor security dashboards to detect and respond to emerging threats in real-time.
• Escalation: Identify alerts requiring additional analysis and facilitate internal or external escalation for further investigation and resolution, meeting minimum standards of initial triage and analysis before escalation.
• Indicators of Compromise (IOCs): Understand, identify, and research IOCs to support threat detection and incident response efforts.
• Log Analysis: Review and analyze security logs and event data from various sources (firewalls, intrusion detection systems, endpoint security tools) to identify potential security incidents.
• Reporting: Complete all assigned internal and external reports by their deadlines, or in a timely manner if one is not provided.
• Security Alert Triage: Receive and perform initial triage of security alerts, assess severity, and determine appropriate actions.
• Security Tool Tuning: Contribute to tuning managed security tools by identifying trends and optimizing alert fidelity.
• Threat Intelligence: Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques, applying this knowledge to enhance SOC threat detection capabilities. Perform threat hunts for proactive, in-depth client security.
• Ticket Queue Management: Monitor and maintain unassigned and assigned ticket queues, ensuring timely resolution and effective communication with stakeholders, adhering to average ticket processing time checkpoints in accordance with SLAs.
• Training Completion: Complete all assigned training in agreed upon time frames.

Preferred Qualifications

Technical Skills

• Microsoft Windows
• Microsoft Office tools (Word, Excel, Teams, Outlook, etc.)
• Working understanding of computer networking
• Working understanding of computer operating systems (Windows, Linux, MacOSx)
• Working understanding of cloud computing

Desirable Technical Skills

• ConnectWise
• Exabeam New-Scale Fusion
• Exabeam New-Scale SIEM
• Exabeam New-Scale Analytics
• Microsoft Sentinel
• Microsoft Defender
• SentinelOne Complete
• SentinelOne Singularity
• SentinelOne AI SIEM

Experience/Education

One or more of the following:

• 2 years of experience in IT support, IT operations or cybersecurity.
• Relevant cybersecurity certifications (e.g., CompTIA Security+, ISC2 SSCP, SANS GSEC, etc.) and >1 year experience in cybersecurity.
• Associate's degree in an IT related field of study and 0-1 years of experience in IT support, IT operations or cybersecurity.
• Bachelor's degree in cybersecurity.

Soft Skills

• Ability to read and understand written English
• Ability to produce clear and concise written documentation of security events
• Ability to clearly communicate on the phone and through e-mail/ticket updates
• Ability to manage multiple tasks simultaneously and prioritize tasks appropriately
• Ability to effectively interact with clients via phone, chat, email, etc.

Minimum Qualifications

• College Degree or equivalent required
• 1 year related experience
• Proficient use of applicable technology
• Ability to follow technical instructions and guidelines
• Ability to document daily activities and system functions
• Able to work in a team environment
• Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
• Ability to travel as required by business and on-call availability
• Able to lift up to 50 lbs.

About CBIZ

CBIZ Inc. is a leading professional services advisor to middle market businesses and organizations nationwide. With unmatched industry knowledge and expertise in accounting, tax, advisory, benefits, insurance, and technology, CBIZ delivers forward-thinking insights and actionable solutions to help clients anticipate what's next and discover new ways to accelerate growth. CBIZ has more than 10,000 team members across more than 160 locations in 22 major markets coast to coast.

CBIZ strives to be our team members' employer of choice by creating an environment where team members are appreciated, recognized for their contributions, and provided with opportunities to grow, both personally and professionally, throughout their careers. Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services. In certain jurisdictions, CBIZ CPAs operates under its previous name, Mayer Hoffman McCann P.C.

Key skills/competency

• Security Information and Event Management (SIEM)
• Incident Response
• Threat Detection
• Log Analysis
• Network Security
• Endpoint Security
• Cybersecurity Operations
• Client Communication
• Threat Intelligence
• Security Tools Tuning