SOC Analyst I
Network Coverage
Company Overview
At NetCov, we specialize in delivering cutting-edge IT and cybersecurity solutions designed to protect and optimize the digital infrastructure for the industries we serve. We differentiate ourselves from competitors through our deep and intimate knowledge of our clients’ business and our commitment to exceptional service.
About the Role
As a SOC Analyst at NetCov, you’ll be on the front line of threat detection, investigation, and response. You’ll triage and analyze security events across multiple client environments, use playbooks and workflows to drive consistent action, and communicate findings directly to clients in a professional, timely manner. This is a highly collaborative role where analysts work closely with peers, shift leads, and client IT/security teams to ensure threats are identified and mitigated quickly—while maintaining accuracy, efficiency, and client trust.
Accountabilities
Security Event Monitoring & Analysis
- Monitor SOAR and pivot to SIEM and EDR platforms to detect potential threats in real time.
- Analyze events and determine whether they represent true security incidents, policy violations, or benign activity.
Incident Investigation & Response
- Perform in-depth investigations on suspicious activity, correlating data from multiple sources.
- Escalate incidents per defined SOPs, providing clear and detailed documentation.
- Recommend containment and remediation steps based on threat severity and client environment context.
Client Communication & Support
- Communicate findings to clients in clear, concise, and professional language—both verbally and in written reports.
- Respond to client tickets and inquiries within defined SLAs, ensuring expectations are met or exceeded.
- Provide situational awareness to clients during active incidents and support post-incident follow-up.
Documentation & Continuous Improvement
- Maintain accurate case notes and ensure proper handoff between shifts.
- Suggest and contribute to improvements in detection logic, response playbooks, and SOC workflows.
- Participate in knowledge sharing, training sessions, and cross-team collaboration to improve overall SOC performance.
Knowledge, Skills, and Abilities Required
- Exposure to SIEM, EDR, and Case Management platforms (Rapid7, CrowdStrike, Microsoft Defender, SentinelOne, ServiceNow, Zendesk).
- Proven ability to move beyond single alerts by correlating disparate data sources (e.g., packet captures, endpoint logs) to identify attacker Tactics, Techniques, and Procedures (TTPs), understand how they pivot across systems, and map the full scope of a compromise.
- Understanding of network protocols, system logs, and common attack techniques (MITRE ATT&CK familiarity a plus).
- Strong written and verbal communication skills for client-facing interactions.
- Detail-oriented with the ability to follow procedures while maintaining situational awareness.
- Strong problem-solving mindset with the ability to remain calm under pressure.
- Exceptional ability to learn in a fast-paced environment.
Preferred Qualifications
- 1–3 years of entry-level SOC/IT security exposure.
- Previous IT experience.
- Relevant certifications (Security+, CySA+, CEH, or vendor-specific).
Why work at NetCov?
- Innovative Solutions: Work with cutting-edge cybersecurity and IT services tailored to the financial sector’s evolving needs.
- Competitive Compensation: Competitive base salary plus performance-based incentives and commissions.
- Professional Growth: Access to continuous training, career development, and opportunities for advancement within a rapidly growing company.
- Collaborative Culture: Join a team of passionate professionals who work together to solve complex challenges and deliver exceptional service to our clients.
Role Logistics
- This is a full-time, exempt position.