[Remote] Senior Security Operations Center (SOC) Analyst
Note: The job is a remote job and is open to candidates in USA. Zelis is modernizing the healthcare financial experience across various stakeholders, and they are seeking a Senior Security Operations Center (SOC) Analyst to lead investigations and mitigate security incidents. This role involves hands-on technical work like forensics, incident analysis, and mentoring newer analysts while contributing to the overall security posture of the organization.
Responsibilities
- Incident Analysis & Handling: Triage alerts, investigate suspicious activity, lead incident response steps, and coordinate containment and recovery efforts
- Data Collection & Normalization: Make sure logs and security data are gathered correctly, cleaned up, and organized so the team can analyze them effectively
- Digital Forensics: Examine systems, files, logs, and network data to understand what happened during security events
- Mentoring & Training: Help newer analysts grow by sharing your experience, offering guidance, and running training sessions when needed
- Technical / Process Guidance: Assist team members with technical questions, tool usage, investigation methods, and established response workflows
- Shift Leadership: Act as the point person during your shift: manage workload, oversee investigations, ensure smooth handoffs, and support teammates. Participate in a rotating on-call schedule as required
- Innovation: Look for opportunities to improve processes, recommend new tools or automations, and help refine how the team operates
- Reviewing alerts and logs to identify potential threats or unusual activity
- Leading or assisting with active investigations and driving them toward containment and resolution
- Running forensic analysis on hosts, cloud workloads, or network artifacts to uncover root causes and timelines
- Collaborating with IT, cloud, engineering, or other security teams to gather data or take action on investigations
- Sharing insights with teammates, helping them troubleshoot difficult cases, or walking them through an investigation technique
- Updating documentation, writing reports, or summarizing incident findings
- Teaching something new to the team—maybe a tool trick, a technique, or a better approach to analysis
- Handling shift responsibilities like queue management, monitoring ongoing investigations, and tracking priorities
- Identifying process gaps or tools that could be improved and proposing better ways to do things
- Performing other tasks required by management as needed
Skills
- Bachelor's degree in Computer Science, Engineering, Information Security, or Information Technology, or 4+ years of equivalent experience
- 3+ years of enterprise level incident handling
- Ability to partner with enterprise teams within a cybersecurity context, leveraging diverse ideas, experiences, thoughts, and perspectives to improve the organization
- Effective oral and written communication skills with experience in cybersecurity technical process documentation
- Demonstrated cyber defense and information security passion, including commitment to maintaining technical proficiency
- Proven record of thought leadership via innovation and non-traditional solutions
- Fundamental understanding of IT Security practices/programs/tooling, with demonstrated examples of driving initiatives forward
- Advanced cybersecurity certifications (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GPEN, OSCP, etc.)
- Cloud (AWS, Azure, GCP, etc.) certifications
- Proficiency in scripting and high-level programming languages (Python, PowerShell, bash, etc.)
- Functional knowledge of SIEM, SOAR, malware sandboxing solutions and related tools
Benefits
- Discretionary bonus plans, commissions, or other incentives depending on the role
- 401k plan with employer match
- Flexible paid time off
- Holidays
- Parental leaves
- Life and disability insurance
- Health benefits including medical, dental, vision, and prescription drug coverage
Company Overview