Soc Analyst

SOC Analyst

Company: Kiya.ai

Department: Cybersecurity / Information Security

Employment Type: Hybrid Mode - 3 days WFO and 2 days WFH

Job Summary:

Kiya.ai is seeking a skilled and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. This role is critical to maintaining and improving our organization's security posture by ensuring real-time threat detection and incident response. You'll be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and techniques.

Key Responsibilities:

• Monitor security alerts and events from SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel).
• Analyze and triage security events to determine their impact and severity.
• Investigate security incidents thoroughly and provide detailed incident reports.
• Escalate validated threats and vulnerabilities to the appropriate teams and assist in mitigation efforts.
• Coordinate with IT teams to ensure containment, eradication, and recovery actions are taken for confirmed incidents.
• Perform threat intelligence analysis to support proactive detection and defense strategies.
• Document incident handling procedures and maintain a comprehensive incident knowledge base.
• Participate in the continuous improvement of SOC operations, including refining playbooks and enhancing automation.
• Stay current on the latest cybersecurity trends, threats, and tools to anticipate potential risks.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• Experience with SIEM platforms, IDS/IPS, firewalls, and endpoint protection tools.
• Understanding of TCP/IP, DNS, HTTP, VPN, and various network protocols.
• Knowledge of common threat vectors, the MITRE ATT&CK framework, and the kill chain.
• Strong analytical and problem-solving skills.
• Excellent communication skills and the ability to work effectively under pressure.

Preferred Qualifications:

• Certifications such as CompTIA Security+, CEH, GCIA, GCIH, or Splunk Certified Analyst.
• Experience with scripting (e.g., Python, PowerShell) for automation.
• Familiarity with cloud security monitoring (e.g., AWS GuardDuty, Azure Defender).
• Exposure to incident response frameworks and forensic tools.