Job Description

Job Title: Sr SOC Analyst

Location: North Andover, MA

Duration: / Term: 6+ months

Job Description:

Experience Desired: 12+ Years.

Key required skills

We are seeking a highly skilled Senior SOC Analyst to strengthen our cybersecurity detection engineering function. This role will focus on designing, standardizing, and optimizing detection logic across key security tools to elevate overall detection quality and reduce noise.

The ideal candidate brings deep experience creating high-fidelity endpoint detections, enriching alerts with vulnerability data, and collaborating with SOC and threat intelligence teams. This role is distinctly focused on detection engineering not automation requiring a strong analytical mindset, precise engineering skills, and hands-on expertise with CrowdStrike Falcon, SentinelOne, and Rapid7

What You'll Be Doing:

Detection Engineering & Development

• Design, build, and refine high-quality detection logic in CrowdStrike Falcon and SentinelOne (S1).
• Develop standardized detection engineering workflows, documentation, and quality controls.
• Conduct regular tuning of existing detections to improve fidelity and reduce false positives.
• Translate threat intelligence, adversary TTPs, and ATT&CK-based behaviors into actionable detections.

Alert Enrichment & Signal Quality

• Leverage vulnerability data from Rapid7 to create context-rich detections and improve alert prioritization.
• Validate detection performance through testing, simulation, and SOC feedback loops.
• Collaborate with SOC teams to ensure detections align with operational requirements and response workflows.

Cross-Functional Collaboration

• Work closely with SOC Operations, Threat Intelligence, and Security Engineering teams to align detection logic with evolving threat landscapes.
• Maintain a clear boundary between detection engineering and automation or SOAR workflows.
• Provide subject matter expertise and mentorship to junior analysts.

What we need

A minimum of 12 years of overall experience in IT Infrastructure domains, including at least 5 years of hands-on experience in Security Operations, Detection Engineering, or related cybersecurity functions

5+ years in Security Operations, Detection Engineering, Threat Hunting, or Incident Response.

Proven hands-on experience creating detections in:

1. CrowdStrike Falcon
2. SentinelOne (S1)
3. Experience enriching and correlating security signals using Rapid7 or similar vulnerability management tools.

Core Technical Skills

• Strong understanding of SOC workflows, alert triage, incident response, and threat hunting methodologies.
• Expertise mapping detections to frameworks like MITRE ATT&CK, CIS, and NIST.
• Ability to convert threat intelligence reports into high-fidelity detection logic.
• Familiarity with detection lifecycle management: design test tune deploy monitor.

Key Skills:

Falcon, Rapid7, SentinalOne

Job Tags

Similar Jobs