
Senior SOC Analyst/ Developer

Staffmark Group
$48.00-$58.00
paid time off, paid holidays
United States, California, Irvine
Jun 16, 2025
Position: Senior SOC Analyst/ Developer
Work Location: Irvine, CA (Onsite)
Hours: Standard Time, Mon-Fri 7:00AM - 4:00PM or 11:00AM - 8:00PM; Daylight Saving Time (Summer Time), Mon-Fri 8:00AM - 5:00PM or 12:00PM - 9:00PM
Overview:
A global leading service provider in cybersecurity solutions is seeking a highly skilled and experienced Senior SOC Analyst with a strong development background to join the Security Operations Center (SOC) team. This role is pivotal in enhancing our security posture by not only performing in-depth monitoring and analysis of security events but also by developing and optimizing the tools and content that drive our detection and response capabilities. The ideal candidate will be a proactive problem-solver with a passion for cybersecurity, capable of translating security requirements into robust technical solutions.
Essential Duties and Responsibilities include but are not limited to:
* Perform advanced monitoring, analysis, and triage of security events and alerts generated from various security tools, with a primary focus on SIEM (Security Information and Event Management) platforms.
* Conduct in-depth investigations into security incidents, identifying root causes, impact, and recommending appropriate remediation actions.
* Analyze network traffic, system logs, and other security data to identify suspicious activities, threats, and vulnerabilities.
* Collaborate with incident response teams during major security incidents, providing technical expertise and support.
* Design, develop, and implement new SIEM content, including correlation rules, alerts, reports, dashboards, and use cases, to improve threat detection and operational efficiency.
* Optimize and refine existing SIEM content to reduce false positives, increase fidelity, and align with evolving threat landscapes.
* Develop and maintain documentation for SIEM content, including rule logic, purpose, and response procedures.
* Develop and enhance automation scripts and programs (e.g., Python, PowerShell, Bash) for various SOC functions, including log collection, data enrichment, incident response playbooks, and remediation actions.
* Create integration programs and APIs to connect disparate security tools and platforms, streamlining workflows and improving data correlation.
* Troubleshoot, debug, and optimize existing scripts and applications to ensure their reliability and performance.
* Contribute to the development and maintenance of internal security tools and utilities that enhance SOC efficiency and detection capabilities.
* Proactively identify opportunities for process improvements, automation, and new security control implementations within the SOC.
* Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices, integrating new knowledge into our detection and response strategies.
* Participate in security tool evaluations, proof-of-concepts, and recommendations for new technologies.
* Mentor junior analysts and contribute to knowledge sharing within the team.
Qualifications:
* Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Equivalent practical experience will be considered.
* 4+ years of experience in a Security Operations Center (SOC) or similar cybersecurity role, with a strong emphasis on security monitoring and incident response.
* Proven experience in developing and implementing SIEM content (rules, reports, dashboards, use cases) on major SIEM platforms (e.g., Splunk ES, Microsoft Sentinel, IBM QRadar, Exabeam, Elastic SIEM).
* Strong programming and scripting skills (e.g., Python, PowerShell, Bash) for automation, data manipulation, and API integrations.
* In-depth understanding of common attack techniques, tactics, and procedures (TTPs) and the MITRE ATT&CK framework.
* Solid understanding of network protocols (TCP/IP, HTTP/S, DNS, etc.), operating systems (Windows, Linux), and common security technologies (firewalls, IDS/IPS, EDR, proxy servers).
* Experience with cloud security concepts and technologies (AWS, Azure, GCP) is a plus.
* Excellent analytical and problem-solving skills with a keen eye for detail.
* Strong communication skills (written and verbal) with the ability to convey complex technical information to both technical and non-technical audiences.
* Ability to work independently and as part of a collaborative team in a fast-paced environment.
* Relevant industry certifications such as CISSP (Certified Information Systems Security Professional), GIAC (Global Information Assurance Certification) 50X Series or above (required).
* Certifications such as MCSE (Microsoft Certified Solutions Expert), MCP (Microsoft Certified Professional), CCNA (Cisco Certified Network Associate), Security+ (CompTIA Security+) (preferred).

The base pay range above represents the low and high end of the base compensation range we reasonably expect to pay for this position. Actual base compensation will vary and may be above or below the range based on various factors including, but not limited to, geographic location, actual experience, and job performance. This job posting is not a promise of any specific pay for any specific employee.

The range listed is just one component of the total compensation package for our employees. Based on the details of your position, we provide a variety of benefits to our employees, including medical, dental, and vision plans, pre-tax savings plans, pre-tax parking and commuter plans, supplemental health and welfare plans, a retirement savings plan, an employee assistance program, pet insurance, and paid holidays. Other rewards may include short-term incentives and paid time off.

After you have applied, download our Staffmark Group WorkNOW App to receive real-time job offers and apply for additional opportunities. You can download it from the App Store or get it on Google Play.


About Staffmark

Staffmark is committed to providing equal employment opportunity for all persons regardless of race, color, religion (including religious dress and grooming practices), sex, sexual orientation, gender, gender identity, gender expression, age, marital status, national origin, ancestry, citizenship status, pregnancy, medical condition, genetic information, mental and physical disability, political affiliation, union membership, status as a parent, military or veteran status or other non-merit based factors. We will provide reasonable accommodations throughout the application, interviewing and employment process. If you require a reasonable accommodation, contact your local branch. Staffmark is an E-Verify employer. This policy is applicable to all phases of the employment relationship, including hiring, transfers, promotions, training, terminations, working conditions, compensation, benefits, and other terms and conditions of employment.

All employees are directed to familiarize themselves with this policy and to act in accordance with it. All decisions with respect to employment matters and other phases of employer-temporary employee relationships will be in keeping with this policy and in accordance with all applicable laws and regulations.
