Senior SOC Analyst

At Coretelligent, we take ownership of the technology our clients rely on every day.

We partner with growing, highly regulated organizations that need secure, dependable IT environments built to scale. Our role goes beyond support. We bring structure, clarity, and accountability to complex technology landscapes so leaders can move forward with confidence.

Over the past several years, Coretelligent has entered a new chapter. We have strengthened our leadership team, modernized our service delivery, and sharpened our focus on long-term client outcomes. Our work spans managed IT, cybersecurity, cloud, and strategy, delivered through a model designed for consistency, transparency, and trust.

We are building a team of professionals who care deeply about quality, ownership, and continuous improvement. If you value clear expectations, thoughtful collaboration, and work that genuinely matters to the businesses you support, you will feel at home here.

Job Overview

As a Senior SOC Analyst, you will serve as a senior technical resource within the Security Operations Center, responsible for advanced threat detection, investigation, and incident response across multiple client environments. This role acts as an escalation point for complex investigations while also helping improve the maturity, efficiency, and quality of our SOC operations. Our Security Operations team plays a critical role in protecting client infrastructure across highly regulated industries where reliability, visibility, and rapid response are essential.

You will combine hands-on analytical work with mentorship and operational improvement efforts. This includes conducting deep investigations, leading incident response efforts, refining detection capabilities, and ensuring consistent investigative standards across the team. The ideal candidate demonstrates strong technical judgment, calm decision-making during security events, and the ability to communicate clearly with both technical teams and client stakeholders.

Key Responsibilities:

• Serve as a senior escalation point for SOC analysts, providing guidance on alert triage, investigation methodology, containment strategies, and incident classification.
• Lead complex investigations across multiple telemetry sources including SIEM, EDR/XDR, firewall, cloud, and network logs to identify attacker behavior and root causes.
• Conduct hands-on incident response activities including containment coordination, eradication guidance, recovery recommendations, and post-incident reporting.
• Perform proactive threat hunting across client environments to identify suspicious behaviors, emerging threats, and attacker techniques that may evade automated detection.
• Tune and optimize detection logic across SIEM platforms, EDR tooling, correlation rules, and automated workflows to improve signal quality and reduce false positives.
• Contribute to SOC operational maturity through automation, SOAR workflows, and investigation efficiency improvements.
• Mentor and support SOC analysts through knowledge sharing, investigation guidance, and quality review of alert handling and incident documentation.
• Maintain high investigative standards through clear documentation, consistent investigation processes, and strong communication during security events.
• Develop and maintain incident response runbooks, threat hunting procedures, and operational playbooks to support continuous improvement of SOC operations.
• Participate in client communications during security investigations, incident briefings, and follow-up reviews while maintaining a professional and confident presence.
• Stay current on evolving attacker tactics, vulnerabilities, and threat intelligence trends to continuously improve detection and response capabilities.

Required Skills and Qualifications:

• 5+ years of experience in security operations, threat detection, digital forensics, incident response, or related cybersecurity roles.
• Demonstrated experience conducting advanced security investigations within SOC or incident response environments.
• Strong familiarity with security operations technologies including SIEM platforms, EDR/XDR tools, IDS/IPS, firewall telemetry, and cloud logging solutions.
• Deep understanding of attacker methodologies and security frameworks such as MITRE ATT&CK, cyber kill chain, and NIST incident response lifecycle.
• Proficiency in log analysis, detection tuning, event correlation, and end-to-end investigation workflows.
• Experience coordinating response activities across multiple stakeholders during active security incidents.
• Strong written and verbal communication skills, including the ability to translate complex technical findings into clear client-facing summaries.
• Relevant cybersecurity certifications such as GCIA, GCIH, GCFA, GNFA, CySA+, AZ-500, or equivalent experience.

Salary Range for this position (depending upon experience): 

$125,000 - $135,000

This range reflects the minimum and maximum targets for new hires across all US locations (with the exception of MA, NY, and CA). Within the range, individual pay is determined by job-related skills, experience, work location, and relevant education or training.

What you’ll love about Coretelligent:

We take Coretelligent culture very seriously! As a company, we constantly think of ways to give back to our valued employees through company engagement. We offer a competitive salary, amazing benefits, a great vacation package, a healthy work-life balance, and opportunities to grow your career from within!  

Benefits: Health, Dental, & Vision, Flexible Spending Account (FSA), 401k, Health Reimbursement Account (HRA), Health Savings Account (HSA), Life Insurance, Disability Insurance, Paid Parental Leave, Holiday Pay, Flexible Vacation & Sick Days.

Perks: Fourteen holidays, including a day off on your birthday, flexible vacation, spot bonuses for demonstrated excellence, community and social events, learning and development, flexible working life, $100 well-being allowance, and other health & wellness perks.

Equal Opportunity and Accessibility Commitment

Coretelligent is an Equal Opportunity employer committed to diversity, equity, and inclusion. We welcome qualified applicants of all races, ethnicities, religions, ages, sexual orientations, gender identities, socioeconomic statuses, and more. Our focus is on creating an inclusive workplace where diversity is valued beyond compliance, ensuring that every team member feels respected, supported, and empowered to be their authentic selves.

In compliance with the Colorado Anti-Discrimination Act (CADA), we do not request or consider age or age-adjacent information (such as graduation dates) during the hiring process. We encourage all qualified individuals to apply, regardless of age.

We extend our dedication to accessibility and inclusivity to our remote workforce. In alignment with the Americans with Disabilities Act (ADA), we are committed to providing reasonable accommodations to enable individuals with disabilities to effectively perform their job duties in a remote setting. Applicants needing accommodations for the application or interview process are encouraged to reach out to [email protected] for necessary arrangements.

E-Verify www.dhs.gov/E-Verify      

For information about the right to work, click here for English or here for Spanish.

E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce. 

As Coretelligent is a remote company hiring candidates, our perks and benefits packages may adjust based on your location. Direct applicants only; no recruitment agencies or third-party recruiters, please.

#LI-Remote