Senior SOC Engineer/Analyst

Job Category: Technology and IT
Job Type: Contract
Job Location: USA
Company Name: DivIHN Integration Inc

Company Overview
Since 2002, DivIHN (pronounced “Divine”) has been a trusted partner in holistic technology consulting, dedicated to driving client success and transformation.

We understand that transformation is a journey—one that demands insightful strategy, expert guidance, innovative solutions, and reliable execution. At DivIHN, we offer all of these by aligning closely with our clients’ goals and investing deeply in their success.

About the Role

DivIHN Integration Inc is seeking an experienced SOC Analyst to join our team in defending enterprise environments against cyber threats. In this role, you will lead sophisticated security incident investigations and play a critical role in threat detection, incident response, and SOC process improvement. You will work closely with cross-functional teams, mentor junior analysts, and help mature our security operations capabilities.
Key Responsibilities

  • Lead comprehensive security incident investigations from detection through containment, eradication, and recovery.

  • Proactively conduct threat hunting across endpoints and networks using tools such as CrowdStrike, SIEM, and threat intelligence feeds.

  • Tune and optimize SIEM rules, correlation searches, dashboards, and alerts to improve detection accuracy and reduce false positives.

  • Develop and maintain incident response playbooks, detection rules, and threat models aligned with industry frameworks like MITRE ATT&CK.

  • Automate investigation and response tasks through scripting (Python, PowerShell, Bash) and custom queries (SQL, Splunk SPL).

  • Partner with engineering, architecture, and IT teams to define logging requirements and enhance detection and response capabilities.

  • Mentor junior SOC analysts and contribute to team knowledge sharing and continuous process improvement.

  • Conduct root cause analyses, support digital forensics investigations, and facilitate post-incident reviews and lessons learned.

  • Stay current with the latest threats, attacker techniques, tools, and best practices, and apply this knowledge to strengthen SOC operations.
Required Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field — or equivalent professional experience.

  • Minimum of 5 years in Cybersecurity, with a strong focus on security operations, threat detection, and incident response.

  • Hands-on expertise with CrowdStrike Falcon—including detection, investigation, and response workflows—highly preferred.

  • Proficiency with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar) for log ingestion, parsing, rule creation, and dashboard management.

  • Strong ability to write Splunk SPL queries and SQL for log analysis and data correlation.

  • Skilled in scripting languages such as Python, PowerShell, or Bash to support automation and investigation.

  • Deep understanding of network protocols, Windows/Linux operating systems, malware behaviors, and adversary tactics (MITRE ATT&CK).

  • Experience designing and refining incident response playbooks, workflows, and escalation procedures.

  • Familiarity with forensic analysis tools, packet capture techniques, and threat intelligence platforms.

  • Excellent analytical thinking, communication, and documentation skills.