Qureos


Associate Endpoint Security Analyst

Role: Security Operations Center (SOC) Analyst
Location: Dallas, TX or Virginia Beach, VA (onsite)
Job type: C2C or W2
Role Overview

Seeking a hands-on SOC Analyst to provide immediate operational support and free up internal security staff. This role focuses on real-time monitoring, triage, and response to security alerts across endpoint protection, phishing incidents, and email security tools. Primary responsibilities include working with:
  • SentinelOne (EDR/XDR alerts)
  • Microsoft Defender (Email, Endpoint, Identity alerts)
  • Phishing reports from end users

Key Responsibilities
  • Security Alert Monitoring & Triage
      - Monitor and triage alerts from SentinelOne (malware, suspicious activity, behavioral alerts) and Microsoft Defender (Defender for Endpoint, Defender for Office 365)
      - Perform initial investigation and classification: true positive / false positive, severity and impact assessment
      - Escalate complex incidents to internal teams
  • Phishing Incident Response
      - Analyze phishing reports submitted by users: email headers, URLs, attachments
      - Take appropriate response actions: block sender/domain, quarantine emails, trigger user awareness notifications
      - Coordinate with email security policies in Defender
  • Incident Response Focus
      - Alert triage and ticket creation
      - Basic containment actions (isolate endpoint, block indicators)
      - Run predefined playbooks
      - Deep-dive investigation of incidents
      - Endpoint forensics (via SentinelOne)
      - Correlate alerts across tools
      - Execute remediation actions (kill processes, isolate machines)
  • Ticketing & Documentation
      - Create and update incident tickets (ServiceNow/JIRA or equivalent)
      - Maintain clear investigation notes and evidence
      - Ensure SLA adherence for response and resolution
  • Threat Detection & Improvement
      - Identify recurring patterns and suggest tuning
      - Reduce false positives via rule optimization
      - Contribute to improving SOC playbooks and runbooks
Required Skills & Qualifications

Core Technical Skills
  • Hands-on experience with SentinelOne (EDR/XDR investigation) and Microsoft Defender (Endpoint + Email Security)
  • Strong understanding of phishing detection and analysis, malware behavior and indicators of compromise (IOCs), and email security (SPF, DKIM, DMARC basics)
  • Familiarity with SIEM/SOAR tools (nice to have)
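The phishing triage this role describes (reading a reported message's headers and checking its SPF, DKIM and DMARC results) in working form. This is an added example written for this page, not code from the posting or from OpenKyber; it is in Python because the posting lists Python as an investigation scripting language. The two sample messages and every domain in them are constructed, and the org_domain() helper is a deliberate simplification (last two labels rather than the Public Suffix List).

```python
"""Phishing-report triage: read Authentication-Results, From and Return-Path, check
SPF/DKIM/DMARC results and DMARC alignment, flag off-domain links, return a verdict."""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

# Constructed sample (fictitious domains): the attacker owns exampl3-pay.com, so
# SPF and DKIM pass for that domain, but the displayed From is example-pay.com,
# so DMARC alignment fails and the link points at the attacker's domain.
SAMPLE_PHISH = b"""\
Authentication-Results: mx.example.com;
 spf=pass smtp.mailfrom=bounce.exampl3-pay.com;
 dkim=pass header.d=exampl3-pay.com header.s=sel1;
 dmarc=fail (p=reject) header.from=example-pay.com
Return-Path: <noreply@bounce.exampl3-pay.com>
From: "Example Pay Billing" <billing@example-pay.com>
Subject: Action required: your invoice is overdue
Content-Type: text/plain; charset=us-ascii

Your invoice is overdue. Sign in at http://exampl3-pay.com/login to pay.
"""

# Constructed benign counterpart: every identifier aligns with the From domain.
SAMPLE_LEGIT = b"""\
Authentication-Results: mx.example.com;
 spf=pass smtp.mailfrom=bounce.example-pay.com;
 dkim=pass header.d=example-pay.com header.s=sel1;
 dmarc=pass (p=reject) header.from=example-pay.com
Return-Path: <noreply@bounce.example-pay.com>
From: "Example Pay Billing" <billing@example-pay.com>
Subject: Your monthly statement
Content-Type: text/plain; charset=us-ascii

Your statement is ready at https://www.example-pay.com/statements
"""

METHOD_RE = re.compile(r"\b(spf|dkim|dmarc)=([a-z]+)", re.I)
PROPERTY_RE = re.compile(r"\b(smtp\.mailfrom|header\.d|header\.from)=([\w.\-]+)", re.I)
URL_RE = re.compile(r"https?://([\w.\-]+)", re.I)


def org_domain(host: str) -> str:
    """Simplification: last two labels stand in for the Public Suffix List lookup."""
    return ".".join(host.lower().strip().rstrip(".").split(".")[-2:])


def parse_auth_results(value: str):
    """Return ({method: result}, {identifier: value}) from one Authentication-Results header."""
    flat = " ".join(value.split())  # undo RFC 5322 header folding
    results = {m.lower(): r.lower() for m, r in METHOD_RE.findall(flat)}
    props = {p.lower(): v.lower() for p, v in PROPERTY_RE.findall(flat)}
    return results, props


def triage(raw: bytes) -> dict:
    """Return verdict 'escalate' | 'review' | 'low_risk' plus the supporting evidence."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_addr = parseaddr(str(msg.get("From", "")))[1]
    from_domain = from_addr.rsplit("@", 1)[-1].lower() if "@" in from_addr else ""
    auth_issues = []

    auth = msg.get("Authentication-Results")
    if auth is None:
        # No receiving-MTA verdict at all: unverified is not the same as a pass.
        results, props = {}, {}
        auth_issues.append("no Authentication-Results header; SPF/DKIM/DMARC unverified")
    else:
        results, props = parse_auth_results(str(auth))
        for method in ("spf", "dkim", "dmarc"):
            result = results.get(method)
            if result is None:
                auth_issues.append(f"{method} not evaluated")
            elif result != "pass":
                auth_issues.append(f"{method}={result}")

    # DMARC alignment: an SPF or DKIM pass only vouches for the displayed sender
    # when the authenticated domain shares the From header's organizational domain.
    mailfrom = props.get("smtp.mailfrom") or parseaddr(str(msg.get("Return-Path", "")))[1].rsplit("@", 1)[-1]
    if from_domain and mailfrom and org_domain(mailfrom) != org_domain(from_domain):
        auth_issues.append(f"SPF domain {mailfrom} not aligned with From {from_domain}")
    dkim_d = props.get("header.d")
    if from_domain and dkim_d and org_domain(dkim_d) != org_domain(from_domain):
        auth_issues.append(f"DKIM d={dkim_d} not aligned with From {from_domain}")

    # Links outside the sender's domain are a weaker signal on their own (tracking
    # domains are common), so by themselves they only trigger 'review'.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    link_hosts = sorted({h.lower() for h in URL_RE.findall(text)})
    off_domain = [h for h in link_hosts if from_domain and org_domain(h) != org_domain(from_domain)]

    verdict = "escalate" if auth_issues else "review" if off_domain else "low_risk"
    reasons = auth_issues + ([f"links to non-sender domains: {', '.join(off_domain)}"] if off_domain else [])
    return {"verdict": verdict, "from_domain": from_domain, "results": results,
            "link_hosts": link_hosts, "reasons": reasons}
```

Run triage(SAMPLE_PHISH) and the verdict is "escalate" with the DMARC failure and both alignment mismatches listed; triage(SAMPLE_LEGIT) returns "low_risk". The point the posting's "SPF, DKIM, DMARC basics" hides is the alignment check: an attacker's own domain can pass SPF and DKIM cleanly, so a triage script that only looks for the word "pass" misses exactly the lookalike-domain phish a user is most likely to report.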

Preferred Skills
  • Experience with Microsoft Defender for Office 365
  • Experience with threat intelligence platforms
  • Basic scripting (PowerShell/Python) for investigation
  • Understanding of the MITRE ATT&CK framework

Soft Skills
  • Strong analytical thinking
  • Clear communication (written & verbal)
  • Ability to work in a fast-paced SOC environment
  • High attention to detail

Certifications (Preferred)
  • Security+, CySA+ / CEH
  • Microsoft Security Operations Analyst (SC-200)

For applications and inquiries, contact: hirings@openkyber.com


© 2026 Qureos. All rights reserved.