Technical Skills Required
SIEM (Splunk): Query writing, dashboards, correlation rules
SQL: Writing queries to extract and correlate log data
EDR tools: Experience investigating endpoint threats and lateral movement
Log Analysis: Strong skills in reading and interpreting logs from Windows, Linux, and network devices
Scripting: Working knowledge of Shell, Python, or JavaScript
Familiarity with network protocols, malware behavior, and TTPs (Tactics, Techniques & Procedures) of attackers
Understanding of the MITRE ATT&CK framework (nice to have)
Experience
3+ years of hands-on experience in:
Security Operations Center (SOC) environments
Incident detection, triage, and response
Analyzing security logs and investigating threats
Using SIEM tools (Splunk preferred) for alerting and analytics
Working with EDR tools like CrowdStrike, SentinelOne, or Carbon Black
Performing log analysis using SQL queries
Writing and editing scripts (Python, Shell, or JavaScript) for automation or data parsing