Security Operations Analyst (Tier 1)
Location: Midtown Manhattan, New York (Hybrid)
Type: 12‑Month Contract‑to‑Hire
Schedule: Full‑time
A growing global security team is seeking a Security Operations Analyst (Tier 1) to support day‑to‑day monitoring, alert triage, and first‑line incident investigation. This role is ideal for someone early in their security career who thrives in a structured environment, follows clear procedures, and wants to grow under strong leadership guidance.
You will work closely with experienced security leaders who provide significant hands‑on support, structured onboarding, and a consistent escalation path for all critical issues. Your focus will remain on Tier 1 investigations—primarily phishing, alert triage, and initial analysis.
What You’ll Do
• Monitor security alerts and events across SIEM and related security tools.
• Perform initial triage of alerts, including phishing investigations and basic log analysis.
• Escalate incidents to senior analysts following established playbooks and procedures.
• Support daily SOC operations to ensure service levels and response timelines are met.
• Assist with documenting incidents, identifying gaps, and recommending improvements.
• Contribute to maintaining and updating incident response SOPs and runbooks.
• Collaborate with cross‑functional technical teams to ensure secure operations.
• Participate in an on‑call rotation for after‑hours alert triage (with escalation support always available).
What You Bring
• Hands‑on experience with Linux (administration, troubleshooting, or security exposure).
• Experience in Security Operations, Incident Response, or a related security function.
• Familiarity with SIEM platforms such as Splunk, Google Chronicle, or similar tools.
• Understanding of threat‑hunting concepts and frameworks like MITRE ATT&CK.
• Exposure to security tools such as IDS/IPS, WAF, EDR, or other detection technologies.
• Strong understanding of networking fundamentals, operating systems, and core cybersecurity concepts.
• Degree in Cybersecurity, Computer Science, or equivalent practical experience.
• Experience with cloud environments (AWS, GCP, Azure) is a plus.
• Exposure to forensic tools or malware analysis is a plus.
• Ability to follow structured processes and work effectively across global teams.
• Strong written and verbal communication skills.
Who Thrives Here
This role is best suited for someone who:
• Wants to build a strong foundation in SOC and IR.
• Prefers clear guidance, structured workflows, and defined escalation paths.
• Is curious, detail‑oriented, and eager to learn from senior security leaders.
• Enjoys fast‑paced environments and continuous skill development.
