Security Analyst
On-site · Houston, Texas, United States
Job Summary
- Monitor and triage alerts across multiple client environments using SIEM, EDR, and other security telemetry
- Investigate suspicious activity, contain incidents, and document findings clearly
- Tune detections, reduce false positives, and contribute to the playbook library
- Perform Tier 2 escalations: phishing, malware, lateral movement, identity compromise
- Participate in client-facing meetings: monthly reviews, incident debriefs, security posture conversations
- Help shape security strategy recommendations for MSSP clients (controls, hardening, roadmap input)
- Stay current on threat actor TTPs, emerging vulnerabilities, and platform updates
Required Qualifications
- 1–2 years of hands-on SOC analyst experience (Tier 1, ideally with some Tier 2 exposure)
- Working knowledge of at least one major EDR platform: CrowdStrike Falcon, SentinelOne, or Microsoft Defender for Endpoint
- Experience with at least one SIEM (Microsoft Sentinel, Splunk, CrowdStrike, Sumo Logic, QRadar, Elastic, or similar)
- Industry certification: CompTIA Security+, CySA+, or equivalent — or willingness to earn within 90 days
- Solid grasp of fundamentals: networking, Windows/Linux internals, MITRE ATT&CK, common attack chains
- Clear written and verbal communication — you can explain a finding to a non-technical client
- Curiosity, ownership, and the drive to grow into a senior contributor