SOC Analyst
Job Description
Join Cornerstone Technology as an on-site SOC Analyst at the DoD Center – Monterey Bay in Seaside, CA. This 24x7 security operations environment operates with rotating shifts and requires an Active Secret clearance for DoD access. The role offers a salary of USD 65,000 to 75,000 per year and a robust benefits package including health, retirement savings, and paid time off.
Benefits
- 401(k)
- 401(k) matching
- Dental insurance
- Employee discount
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Retirement plan
- Vision insurance
Responsibilities
- Monitor SIEM dashboards and security tooling around the clock to detect anomalies and potential security events in real time
- Perform initial detection and triage, correlating alerts with network and host activity to distinguish real threats from noise
- Maintain continuous situational awareness of active events and the health of monitored systems across the enterprise
- Conduct first-pass analysis of alerts in accordance with runbooks and standard operating procedures
- Categorize and prioritize events by severity, escalating confirmed or suspicious activity to Tier 2 analysts and incident responders
- Incorporate basic threat intelligence to enrich alerts and identify indicators of compromise
- Document all alerts, tickets, and logs accurately to maintain a complete auditable record of analysis and actions taken
- Produce daily shift turnover reports to hand off active events and sustain mission continuity
- Contribute to incident timelines and supporting documentation for events escalated to higher tiers
- Maintain consistent around-the-clock coverage and contribute to smooth shift turnover and SOC cadence
- Recommend enhancements to runbooks, detection logic, and triage procedures based on shift observations
- Support SOC drills, training, and process refinement to strengthen detection and response over time
Requirements
- Active Secret clearance
- U.S. citizenship required for CAC, DoD network, and SIPRNet access
- Ability to work on-site in Seaside, CA and support a 24x7 rotating shift schedule, including nights, weekends, and holidays as assigned
- 1–3 years of experience in a SOC, security monitoring, NOC, or IT/network operations role
- Hands-on experience monitoring and triaging alerts using enterprise SIEM platforms such as Splunk, Elastic, Microsoft Sentinel, QRadar, ArcSight, or similar
- Working knowledge of networking fundamentals (TCP/IP, common ports and protocols) and common attack types
- Strong documentation discipline and attention to detail under time pressure
- CompTIA Security+ certification or ability to obtain within 30 days of start to meet the DoD 8140/8570 IAT Level II baseline
Technologies
- Splunk
- Elastic
- Microsoft Sentinel
- QRadar
- ArcSight
- Tanium
- ACAS/Tenable Nessus
- Trellix/HBSS
- SolarWinds
- MITRE ATTACK framework
- SOAR platforms
License / Certification
- CompTIA Security+ (Required)
Security Clearance
Secret (Required)