SOC Analyst monitoring detections for clients, executing response playbooks, and improving threat detection capabilities. Join Arctiq to protect organizations in today's digital landscape.
Responsibilities
Continuously monitor and triage alerts and detections across SIEM, EDR/XDR, identity, email, network, and cloud telemetry for our managed client base, applying severity classification and initial enrichment on every event you touch.
Investigate suspicious activity end-to-end — from validation and pivoting through to root-cause analysis — using knowledge of attacker tradecraft, the MITRE ATT&CK framework, and the cyber kill chain to reach confident, well-supported conclusions.
Execute documented response playbooks to contain threats, including isolating hosts, disabling compromised accounts, blocking indicators, resetting credentials, and coordinating handoffs with client and engineering teams.
Partner with Detection Engineering to reduce noise and false positives, and to propose, test, and deploy new analytics, automations, and SOAR playbooks that make the SOC faster and more accurate.
Maintain audit-grade documentation throughout every case, capturing notes, timelines, and customer-facing communications cleanly in the ticketing and case-management system.
Consistently meet triage, investigation, and notification SLAs while sustaining high accuracy, low false-positive rates, and strong client satisfaction across the portfolio.
Drive continuous improvement of the SOC by feeding lessons learned back into detections, playbooks, runbooks, and knowledge-base articles in partnership with SOC Leadership and Detection Engineering.
Operate on an assigned shift (Day, Swing, or Night) within a 24x7 rotation — including weekends and holidays as scheduled — and respond to on-call escalations when required.
Requirements
One or more years in an IT security role or IT support role with significant security responsibilities.
Working knowledge of core security concepts: TCP/IP, common protocols, Windows and Linux fundamentals, Active Directory / Entra ID, cloud (Azure / AWS / GCP) basics, and common attacker techniques.
Familiarity with at least one SIEM and one EDR/XDR platform; comfortable writing or modifying basic queries (KQL, SPL, or similar).
Demonstrated ability in effective communication and collaborating in a diverse high-performance team environment, with a strong commitment to customer service.
Individuals will be required to submit to a background examination.
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
Senior SecOps Analyst overseeing end - to - end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.