What are the responsibilities and job description for the SOC Analyst Tier 1 - 100% onsite position at Jobs via Dice?
Location:
Charlotte, NC
Duration:
6 Month Contract to Hire
Position Overview:
The Tier-1 SOC Analyst provides continuous (24x7) security monitoring and first-line incident triage in a shift rotation. The analyst reviews security alerts from monitoring tools, validates whether activity is suspicious, initiates documented playbook response actions, and escalates confirmed or high-risk incidents to the higher-tier SOC team.
Key Responsibilities
Watch SIEM/EDR/NDR dashboards and alert queues during assigned shifts
De-duplicate and prioritize alerts by severity, asset criticality, and confidence
Validate true/false positives using logs and contextual data
Execute standard playbooks (e.g., block IP/domain, isolate endpoint via EDR, disable account per procedure, pull email from mailbox, request password reset)
Provide clear handoff notes at shift change (status, actions taken, evidence, next steps)
Create and update incident cases with timelines, evidence, and actions
Required Technical Skills
2 years of relevant experience, or an equivalent combination of education and work experience
Familiarity with typical SOC tools: SIEM, SOAR, EDR
Understanding of log sources: Windows Security logs, Sysmon, Entra, VPN, firewall, DNS, proxy, email
Understanding of common attacker techniques and vocabulary such as MITRE ATT&CK and OWASP
Basic scripting (PowerShell/Python) for quick analysis
Shift Schedule (one of the following rotations):
6:30am-4:30pm EST Sunday-Wednesday
6:30am-4:30pm EST Wednesday-Saturday
12:30pm-10:30pm EST Sunday-Wednesday
12:30pm-10:30pm EST Wednesday-Sunday