Already filled



Mondo

SOC Analyst

Job summary

  • Location: Denver
  • Category: Engineering
  • Work model: Fully remote
  • Only US
  • Posted: 1 week ago
Job description

Job Details

  • Location: Remote
  • Start Date: ASAP / 2 weeks from offer
  • Duration: Contract-to-Hire
  • Compensation: $80-90/hr W2
  • Benefits: Eligible for Health, Dental, Vision, 401K

Must be authorized to work in the U.S. This position is not eligible for sponsorship.

Role Overview

Our client is seeking a Lead Security Analyst to serve as a technical leader within their Security Operations Center, supporting a large enterprise healthcare environment. This role blends hands-on security engineering with incident command responsibilities, requiring someone equally comfortable responding to active threats and advising on long-term security posture improvements. The ideal candidate brings strong judgment, clear communication skills, and the ability to engage directly with end users and stakeholders across the organization.

Day-to-Day Responsibilities

  • Lead cyber incident triage and response, determining scope, urgency, and next steps through resolution or escalation
  • Serve as incident commander during major security events, coordinating response efforts and communicating with stakeholders
  • Design, tune, and maintain detection logic, correlation rules, dashboards, and alerts within Microsoft Sentinel and the broader Microsoft security stack
  • Lead and participate in proactive threat hunting activities to identify indicators of compromise before incidents occur
  • Develop and maintain security automation playbooks and SOAR workflows to improve response speed and consistency
  • Support onboarding, parsing, and normalization of log sources into the SIEM
  • Write and maintain incident response playbooks, runbooks, and SOPs
  • Mentor and support SOC analysts, promoting a culture of continuous improvement
  • Participate in after-hours on-call rotation on a monthly basis
  • Partner with Infrastructure, Compliance, and Operations teams on security initiatives

Minimum Requirements

  • Senior-level Security Analyst experience with a blend of security operations and security engineering
  • Hands-on experience deploying and administering Microsoft Sentinel
  • Experience leading incident investigations and coordinating response efforts at enterprise scale
  • Proven track record creating security automation playbooks and response workflows
  • Strong background tuning detections, alerts, and correlation rules
  • Experience supporting environments with 35,000 users or similarly large organizations
  • Deep expertise in the Microsoft security ecosystem, including Azure, Microsoft Defender Suite, and related services
  • Experience leveraging AI-enabled security tools, including Microsoft Copilot for Security
  • Strong communication skills with the ability to engage directly with end users and non-technical stakeholders
  • Familiarity with HIPAA and regulated/healthcare environments

Preferred Qualifications

  • Experience with CrowdStrike or other enterprise EDR platforms
  • Background assessing security programs and providing strategic improvement recommendations
  • Experience with security operations automation, orchestration, and response best practices