Security Operations Center Analyst

Position Overview

Huntress is seeking a motivated Security Operations Center (SOC) Analyst to join its rapidly expanding team. This role offers the opportunity to actively triage, investigate, respond to, and remediate a wide range of cyber intrusions. You will be part of a dedicated team focused on protecting companies globally from cyber-attacks, with ample opportunities for skill development and career advancement. The Huntress SOC is an elite unit committed to combating threat actors, providing a dynamic environment for analysts to enhance their skills and stay at the forefront of emerging threats.

Employment Type

• Full-time

Location

• Remote (Pacific Timezone, US)

Compensation

• Base Salary: $100,000 - $120,000
• Additional Compensation: Bonus and equity.
• On-call/Call-in Pay: May be eligible for additional pay based on business requirements.

Work Schedule

• Initial Training: Monday - Friday
• Post-Training: Subject to change, may include weekends or a 4x10 shift based on business needs.

About Huntress

Huntress is a fully remote, global company comprised of passionate experts dedicated to breaking down cybersecurity barriers. We develop purpose-built security solutions, actively hunt down hackers, and strive to make a significant positive impact within our community. Founded in 2015 by former NSA cyber operators, Huntress provides enterprise-grade, fully managed cybersecurity products at an accessible SaaS price point. Our unique "One Team" advantage ensures our technology is designed in tandem with our industry-leading Security Operations Center (SOC), creating a seamless and effective security solution. We currently protect over 3 million endpoints and 1 million identities worldwide, empowering under-resourced IT teams with robust protection.

Responsibilities

• Triage, investigate, and respond to alerts generated by the Huntress platform.
• Conduct tactical reviews of EDR telemetry, log sources, and forensic artifacts to identify root causes of attacks and recommend remediation steps.
• Perform tactical malware analysis as part of alert investigations.
• Investigate suspicious Microsoft M365 activity and provide remediation guidance.
• Assist the Product Support team with threat-related escalations and SOC-relevant inquiries.
• Contribute to the creation and tuning of detection engineering efforts.
• Participate in projects aimed at improving outcomes for analysts and partners.
• Engage in collaborative mentoring within the team to foster continuous improvement.

Requirements

• Experience: 2+ years in a SOC or Digital Forensics (DFIR) role.
• Operating Systems: Demonstrated experience with Windows, Linux, and MacOS as attack surfaces.
• Threat Actor Tools & Techniques: Demonstrated experience with:
  • MITRE ATT&CK Framework
  • PowerShell & Command Prompt Terminals
  • WMIC, Scheduled Tasks, SCM
  • Windows Domain and host Enumeration Techniques
  • Basic Lateral Movement Techniques
  • Basic Persistence Mechanisms
  • Basic Defense Evasion Techniques
  • Other offensive/Red Team TTPs
• Malware Analysis: Demonstrated experience with static and dynamic malware analysis concepts.
• Windows Administration: Working knowledge of Windows Administration or Enterprise Domain Administration, including:
  • Active Directory
  • Group Policy
  • Domain Trusts
• Networking: Working knowledge of core networking concepts, including:
  • Common ports/protocols
  • NAT
  • Public/Private IPs
  • VLANs
• Web Technologies: Working knowledge of web technologies and concepts, including:
  • Web servers/applications
  • OWASP Top 10
• Communication: Effective communication skills with the ability to explain technical concepts clearly.