SOC Analyst
Job Description
- At least 1 year of experience in a SOC environment, with certifications and references from previous security roles.
- Experience working alerts through to closure, not just initial triage.
- Ability to read and adapt basic detection/query logic (XQL, KQL, SPL, or similar).
- Experience with log analysis, conducting cyber investigations, containment, and recovery.
- Familiarity with identity and access platforms.
- Hands-on experience with Security Operations tools: SIEM, EDR/XDR, SOAR.
- Understanding of network security: IPS/IDS, Zero Trust, ZTNA, and NAC.
- Understanding of Active Directory and Entra ID, including common attack and defense techniques.
- Experience with multiple operating systems and a solid understanding of security hardening best practices on Windows, Linux, and macOS.
- Basic threat hunting skills and the ability to use threat intelligence in daily work.
- Understanding of AI and LLM risks and how attackers use AI today.
Will be a plus:
- Experience with Anthropic, OpenAI, Gemini or other models for agent development, or automations for the SOC pipelines.
- Experience with Palo Alto Networks products famility (Cortex, XSIAM, XSOAR, XPANSE, Prisma).
- Experience with network security vendors (FortiGate, Zscaler, Cisco).
Job Responsibilities
- Monitor security incidents, categorization, prioritization and triage.
- Review initial triage from MSSP as L1.
- Monitor and identify vulnerabilities and exposures across public facing assets.
- Threat Intelligence and threat hunting execution.
- Collaborate and Support IT and R&D teams in term of incident remediation.
- Assist a team with security projects (proof of concept, documentation, testing and production implementation).
- Plan and execute security awareness training.
- Manage endpoint protection rules and policies.
- Manage custom security controls in SIEM.
Department/Project Description
Harmonic is recruiting SOC Analyst for its Security Operation Center. The analyst will work with a variety of security tools and work together in the collaboration with MSSP that handled L1 triage. This role focuses on escalation handling, alert validation, detection tuning support, and closure of investigations to a defensible verdict, while contributing to broader security projects.
The analyst also contributes to improve the SOC infrastructure (detection rules, automations, analytical capabilities), automation playbooks in SOAR and threat intelligence feeds. As part of this role, the SOC analyst will be engaged in different projects across multiple IT domains: AI, network, and infrastructure to improve the customer cybersecurity posture.