[Remote] SOC/Incident Response Analyst
Note: The job is a remote job and is open to candidates in USA. Saliense is a company dedicated to innovation and collaboration in the field of cybersecurity. They are seeking a SOC/Incident Response Analyst to monitor, investigate, and respond to cybersecurity threats while supporting incident response activities and improving SOC operations. The role involves analyzing security data, conducting investigations, and mentoring junior analysts.
Responsibilities
- Monitor, triage, investigate, and respond to security alerts and events
- Analyze security data from SIEM, EDR, network, cloud, email, and identity security platforms
- Identify indicators of compromise, suspicious activity, and potential security incidents
- Perform incident investigation, containment, eradication, and recovery activities as appropriate
- Correlate threat intelligence, log data, and security telemetry to determine incident scope and impact
- Conduct threat hunting activities to proactively identify malicious activity
- Perform malware analysis, forensic review, and digital evidence collection
- Document investigations, findings, and response actions in accordance with established procedures
- Escalate incidents when necessary and provide technical guidance during investigations
- Develop and improve detection content, alerting rules, and security monitoring capabilities
- Support continuous improvement initiatives for SOC operations and incident response processes
- Collaborate with security engineers, incident responders, system administrators, and business stakeholders during security events
- Mentor junior analysts and contribute to team knowledge sharing and development
Skills
- Strong understanding of cybersecurity principles, security operations, and incident response methodologies
- Knowledge of networking concepts including TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, and network protocols
- Experience with Windows, Linux, Active Directory, cloud environments, and identity management systems
- Experience using SIEM platforms, EDR solutions, threat intelligence platforms, and security monitoring tools
- Knowledge of common attack techniques, malware behavior, phishing campaigns, credential theft, ransomware, insider threats, and cloud-based attacks
- Understanding of threat detection methodologies, threat hunting, and incident management processes
- Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat intelligence frameworks
- Strong analytical, problem-solving, and decision-making skills
- Excellent written and verbal communication skills with the ability to clearly document investigations and present findings
- Ability to work effectively in a 24x7 operational environment and manage multiple investigations simultaneously
- Demonstrated commitment to continuous learning and professional development
- CompTIA Security+
- CompTIA CySA+
- CompTIA CASP+
- SSCP
- GSEC
- GCIA
- GCIH
- GCED
- CISSP
- GCFA
- GREM
- GCTI
- Equivalent cybersecurity certifications and relevant experience will also be considered
Benefits
- 20 Days PTO + 40 Hours of Paid Sick & Safe Time
- 11 Federal Holidays + 2 Corporate Holidays
- Health, Vision, Dental, and Life Insurance
- 401(k) with Tiered Match & 100% Vesting
- Parental Leave for Birthing and Non-Birthing Parents
- Professional Development Reimbursement Program
Company Overview
Company H1B Sponsorship