Senior Security Operations Center (SOC) Analyst
Top Benefits
About the role
Senior Security Operations Center (SOC) Analyst
Location: Remote or Hybrid
Department: Security Operations
Reports To: Director of Cybersecurity
Position Summary
We are seeking a highly skilled and experienced Senior SOC Analyst to join our Security Operations Center. This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response. The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS. Experience in cloud incident investigations (Azure, AWS, GCP) is essential.
What You’ll Do
- Threat Detection & Response
- Monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel.
- Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration.
- Execute containment and remediation strategies for identified threats.
- Threat Hunting & Analysis
- Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence.
- Perform forensic analysis of compromised systems and malware samples.
- Analyze network logs and packet captures to identify anomalies and attacker behavior.
- Cloud Security & Incident Investigations
- Investigate cloud-based incidents across Azure, AWS, and GCP environments.
- Assess cloud logging readiness and ensure audit trails are complete and actionable.
- Collaborate with cloud operations teams to improve detection and response capabilities.
- Process Improvement & Automation
- Develop and refine playbooks, runbooks, and standard operating procedures.
- Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity.
- Participate in red/blue team exercises and contribute to continuous SOC maturity.
- Collaboration & Leadership
- Serve as an escalation point for Tier 1 and Tier 2 analysts.
- Mentor junior SOC staff and contribute to team knowledge sharing.
- Interface with threat intelligence, incident response, and executive stakeholders.
Preferred Experience
- 4–7 years of experience in a SOC or cybersecurity analyst role.
- Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
- Strong understanding of MITRE ATT&CK, malware behaviors, and incident response.
- Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
- Deep knowledge of Windows, Linux, and macOS internals.
- Proficiency in scripting (Python, PowerShell) and log analysis.
- Excellent written and verbal communication skills.
Preferred Certifications
- CrowdStrike Certified Falcon Responder (CCFR)
- CrowdStrike Certified Falcon Administrator (CCFA)
- GIAC (GCIA, GCIH), CySA+, or equivalent
Education
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience.
The pay range
The base pay offered is determined by the market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our annual bonus program.
Why Work For Us
You’re resilient and passionate about securing the Work from Anywhere era. So are we.
We’re in search of the best and the brightest – everyone from innovators, sellers and marketers to financers, operators and especially customer relationship managers – we’re looking for top tier talent to help us shape the next decade of security, drive innovation that enables customers with truly disruptive solutions and are dedicated to making a meaningful difference.
Headquartered in Seattle, Washington with international offices in Vancouver - BC, Austin - TX, Ankeny – IA, Reading - UK and Ho Chi Minh City – Vietnam, Absolute Security accelerates customers’ shift to work-from-anywhere through the industry’s first self-healing Zero Trust platform, ensuring maximum security and uncompromised productivity. Only Absolute is embedded in more than half a billion devices, offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network access to ensure their cyber resilience tailored for distributed workforces.
Our vision is to be the world’s most trusted security company – and to empower end users to connect securely and from anywhere, to all the applications they need to collaborate and get their work done, without interruptions and with an optimal network experience. Absolute currently serves approximately 16,000 customers with more than 13 million activated endpoints globally. G2 Recognized Absolute as a Leader in the Summer 2025 Endpoint Management and Zero Trust Networking Grid Reports, reflecting our continued customer satisfaction across product lines. To learn more about Absolute, visit our website at www.absolute.com or visit our YouTube channel
About Absolute Security
Absolute Security is partnered with more than 28 of the world’s leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by 21,000 global enterprises, and licensed across 14 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. Our award-winning capabilities have earned recognition and leadership status across multiple technology categories, including Zero Trust Network Access (ZTNA), Endpoint Security, Security Services Edge (SSE), Firmware-Embedded Persistence, Automated Security Control Assessment (ASCA), and Zero Trust Platforms. To learn more, visit www.absolute.com and follow us on LinkedIn, X, Facebook, and YouTube.
ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2024, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.
Senior Security Operations Center (SOC) Analyst
Top Benefits
About the role
Senior Security Operations Center (SOC) Analyst
Location: Remote or Hybrid
Department: Security Operations
Reports To: Director of Cybersecurity
Position Summary
We are seeking a highly skilled and experienced Senior SOC Analyst to join our Security Operations Center. This role is pivotal in defending enterprise assets against advanced threats through proactive monitoring, threat hunting, and incident response. The ideal candidate will have deep expertise in CrowdStrike Falcon, Microsoft Sentinel, and a strong understanding of network and operating system internals across Windows, Linux, and macOS. Experience in cloud incident investigations (Azure, AWS, GCP) is essential.
What You’ll Do
- Threat Detection & Response
- Monitor and triage alerts from CrowdStrike Falcon and Microsoft Sentinel.
- Lead investigations into endpoint and network security incidents including malware, privilege escalation, lateral movement, and data exfiltration.
- Execute containment and remediation strategies for identified threats.
- Threat Hunting & Analysis
- Conduct proactive threat hunts using CrowdStrike telemetry and threat intelligence.
- Perform forensic analysis of compromised systems and malware samples.
- Analyze network logs and packet captures to identify anomalies and attacker behavior.
- Cloud Security & Incident Investigations
- Investigate cloud-based incidents across Azure, AWS, and GCP environments.
- Assess cloud logging readiness and ensure audit trails are complete and actionable.
- Collaborate with cloud operations teams to improve detection and response capabilities.
- Process Improvement & Automation
- Develop and refine playbooks, runbooks, and standard operating procedures.
- Tune SIEM rules and EDR policies to reduce false positives and improve alert fidelity.
- Participate in red/blue team exercises and contribute to continuous SOC maturity.
- Collaboration & Leadership
- Serve as an escalation point for Tier 1 and Tier 2 analysts.
- Mentor junior SOC staff and contribute to team knowledge sharing.
- Interface with threat intelligence, incident response, and executive stakeholders.
Preferred Experience
- 4–7 years of experience in a SOC or cybersecurity analyst role.
- Expert-level proficiency with CrowdStrike Falcon and Microsoft Defender.
- Strong understanding of MITRE ATT&CK, malware behaviors, and incident response.
- Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
- Deep knowledge of Windows, Linux, and macOS internals.
- Proficiency in scripting (Python, PowerShell) and log analysis.
- Excellent written and verbal communication skills.
Preferred Certifications
- CrowdStrike Certified Falcon Responder (CCFR)
- CrowdStrike Certified Falcon Administrator (CCFA)
- GIAC (GCIA, GCIH), CySA+, or equivalent
Education
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience.
The pay range
The base pay offered is determined by the market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our annual bonus program.
Why Work For Us
You’re resilient and passionate about securing the Work from Anywhere era. So are we.
We’re in search of the best and the brightest – everyone from innovators, sellers and marketers to financers, operators and especially customer relationship managers – we’re looking for top tier talent to help us shape the next decade of security, drive innovation that enables customers with truly disruptive solutions and are dedicated to making a meaningful difference.
Headquartered in Seattle, Washington with international offices in Vancouver - BC, Austin - TX, Ankeny – IA, Reading - UK and Ho Chi Minh City – Vietnam, Absolute Security accelerates customers’ shift to work-from-anywhere through the industry’s first self-healing Zero Trust platform, ensuring maximum security and uncompromised productivity. Only Absolute is embedded in more than half a billion devices, offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network access to ensure their cyber resilience tailored for distributed workforces.
Our vision is to be the world’s most trusted security company – and to empower end users to connect securely and from anywhere, to all the applications they need to collaborate and get their work done, without interruptions and with an optimal network experience. Absolute currently serves approximately 16,000 customers with more than 13 million activated endpoints globally. G2 Recognized Absolute as a Leader in the Summer 2025 Endpoint Management and Zero Trust Networking Grid Reports, reflecting our continued customer satisfaction across product lines. To learn more about Absolute, visit our website at www.absolute.com or visit our YouTube channel
About Absolute Security
Absolute Security is partnered with more than 28 of the world’s leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by 21,000 global enterprises, and licensed across 14 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. Our award-winning capabilities have earned recognition and leadership status across multiple technology categories, including Zero Trust Network Access (ZTNA), Endpoint Security, Security Services Edge (SSE), Firmware-Embedded Persistence, Automated Security Control Assessment (ASCA), and Zero Trust Platforms. To learn more, visit www.absolute.com and follow us on LinkedIn, X, Facebook, and YouTube.
ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2024, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.