SOC Analyst (Tier 1–3)

Posted on Nov. 14, 2025 by CYBRILL

  • Remote, United States of America
  • $29.0 - $50.0
  • temporary, contract

SOC Analyst (Multiple Levels: Tier 1–3)

Company Overview

CYBRILL is a leading provider of high-value cybersecurity consulting services, specializing in advanced Splunk architecture, engineering, and expert troubleshooting. Our team has extensive experience working with federal and state government agencies as well as commercial clients, ensuring flawless implementations and deployments.

Position Overview

We are seeking SOC Analysts to join our Cyber Defense team. Candidates will be placed across Tier 1, Tier 2, or Tier 3 based on experience, skills, and expertise.
As a SOC Analyst, you will monitor, investigate, and respond to security events using modern SIEM, EDR, and cloud-native security technologies across diverse client environments.

Responsibilities

Responsibilities will vary depending on experience level and assigned tier, but may include:

Security Monitoring & Analysis

  • Monitor SIEM, EDR, and security telemetry for indicators of compromise
  • Perform log analysis, event correlation, and anomaly detection
  • Identify, analyze, and escalate security incidents

Incident Response & Threat Detection

  • Conduct investigations into suspicious activity or confirmed incidents
  • Execute containment and remediation steps as appropriate
  • Develop incident documentation, reports, and recommendations

Threat Hunting & Advanced Operations (for experienced analysts)

  • Perform proactive threat hunts across enterprise datasets
  • Develop detection rules, dashboards, and custom SIEM queries
  • Collaborate on tuning and optimizing SIEM/SOAR pipelines
  • Support forensic triage, malware analysis, and root cause investigations

Collaboration & Continuous Improvement

  • Work closely with engineering teams on detection engineering and log ingestion
  • Contribute to SOC playbooks, runbooks, and process enhancements
  • Mentor junior analysts (for senior-level hires)

Required Qualifications (Depending on Level)

You will be considered for Tier 1, 2, or 3 based on the following areas:

Foundational Skills (Tier 1+)

  • Understanding of cybersecurity fundamentals (threats, vulnerabilities, attack vectors)
  • Familiarity with SIEM tools (Splunk, Sentinel, Elastic, Devo, etc.)
  • Strong analytical and communication skills
  • Ability to work within a fast-paced SOC environment
  • Must be a U.S. Citizen

Mid-Level Skills (Tier 2+)

  • Hands-on SOC or security operations experience
  • Proficiency in incident investigation and IR processes
  • Experience with EDR, cloud logs, threat intelligence, or packet analysis
  • Strong knowledge of MITRE ATT&CK and detection methodologies

Senior-Level Skills (Tier 3)

  • 5+ years SOC/IR/threat hunting experience
  • Expertise in SIEM engineering, detection writing, and data analysis
  • Experience with Splunk SPL, KQL, Elastic queries, scripting, or automation
  • Ability to lead major investigations and complex incident response activities
  • Experience with Cribl or pipeline engineering is a plus

Preferred Certifications (Any Level)

  • CompTIA Security+, CySA+
  • GCIH, GCIA, GCFE, GCFA, GCTI, GCED
  • Microsoft SC-200, Splunk Core, or Elastic certifications

(Not required but highly beneficial.)

Job Types: Temporary, Contract

Pay: $29.41 - $50.00 per hour

Expected hours: 20 – 40 per week

Benefits:

  • Flexible schedule

Work Location: Remote


Advertised until:
Dec. 14, 2025

