SOC Detection and Response - Sr Analyst

What success looks like in this role:

• Develops and executes security controls, defenses and counter measures to intercept and prevent attacks or attempts to infiltrate company systems.
• Ensures security product deployment is performed in a seamless manner across varied environments and systems.
• Implements automation by scripting and application programming interfaces (APIs) to integrate security products and ensure they work in an orchestrated manner.
• Coordinates the handling and resolution of security incidents and day-to-day operations and maintenance of security tools.

You will be successful in this role if you have:

Required Qualifications:

• Experience: 2-3 years of hands-on experience working in a Security Operations Center (SOC), Digital Forensics, or Incident Response role, demonstrating a foundational understanding of operational security challenges and the incident lifecycle.
• Technical Proficiency:
  • In-depth understanding and practical experience with Security Information and Event Management (SIEM) systems (e.g., Splunk, Google SecOps) for log analysis, sophisticated rule creation, and dashboard development.
  • Strong knowledge of Endpoint Detection and Response (EDR) and Intrusion Detection/Prevention Systems (IDS/IPS).
  • Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation, data manipulation, and custom tool development.
  • Solid understanding of network security, protocols, and traffic analysis.
  • Familiarity with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK) to inform detection strategy and rule development.
• Analytical and Problem-Solving Skills:
  • Exceptional analytical skills to analyze large, complex datasets, identify subtle anomalies, patterns, and indicators of malicious activity.
  • Demonstrated ability to think critically, troubleshoot complex problems, and make sound decisions under pressure, particularly during incident investigations.
• Collaboration and Communication:
  • Strong verbal and written communication skills for reporting findings, documenting procedures, and collaborating effectively with cross-functional teams and external partners.

Preferred Qualifications:

• Experience working with Google SecOps, Cribl, audit logs, and cloud-native detection tools.
• Hands-on experience with Kubernetes incident response and forensic analysis.
• Familiarity with Detection-as-Code principles, version control (e.g., Git/GitHub), and CI/CD pipelines for detection rule management.
• Relevant security certifications (e.g., SANS, Offensive Security, cloud security certifications).

#L1-SL1

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.

If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com. US job seekers can find more information about Unisys’ EEO commitment here.