We are seeking a dedicated and experienced individual with a strong background in information security and technology to join our growing Managed Security Service Provider (MSSP) within the Security Operations Center (SOC). As a SOC Analyst, you will play a crucial role as the technical expert who ensures our SIEM platform runs at peak performance and provides actionable security intelligence. This individual will be a key part of our security infrastructure team, working closely with SOC Analysts and IT staff.The schedule is 2nd shift Thursday to Monday from 11:30 am to 8:30 pm eastern standard time. You must live in one of these locations to be considered for this remote position. (Connecticut, Delaware, Florida, Georgia, Illinois, Maryland, Massachusetts, New York, South Carolina, North Carolina, Tennessee, Texas, Utah, Virginia, Vermont, DC, Kentucky, Pennsylvania, Ohio or Washington.)Duties/Responsibilities:SIEM Platform ManagementAdminister and maintain the SIEM platform, ensuring system health, performance, storage, and availability. Perform updates, patching, and backups regularly.Log Source IntegrationCoordinate with internal and client teams to onboard new log sources, ensuring accurate and efficient data collection and parsing.Content Development and OptimizationCreate, tune, and manage SIEM content including correlation rules, alerts, dashboards, and reports to enhance detection capabilities and reduce false positives.Performance Monitoring and OptimizationAnalyze SIEM performance metrics and implement improvements to support scalability and high-speed querying.Documentation and ReportingMaintain documentation for SIEM architecture, processes, and procedures. Generate reports on system health, performance, and security metrics for management and compliance.Security Incident ResponseConduct in-depth analysis and investigation of security incidents. Collaborate with SOC analysts to escalate and resolve advanced threats.Client Engagement and AdvisoryAssess client security needs and recommend tailored solutions aligned with Kraft Kennedy SOC standards. Develop and implement security policies to strengthen client security posture.Collaboration and SupportProvide technical guidance and support to the SOC team. Troubleshoot SIEM-related issues and ensure timely resolution.Continuous Learning and Threat AwarenessStay current with emerging security trends, technologies, and threats to proactively safeguard client environments.RequirementsAvailability & ResponsivenessBe available on call outside of normal business hours in case of emergencies. Able to work in a fast-paced environment and manage multiple priorities.Technical Expertise Across IT & SecurityLeverage experience across various IT disciplines, including hands-on use of security monitoring tools, vulnerability scanning, and reviewing assessment reports. Maintain strong networking knowledge with a focus on security.SIEM Platform ProficiencyDemonstrate deep understanding of enterprise-level SIEM platforms (e.g., ConnectWise SIEM), including log formats, collection methodologies, data normalization, and content creation (correlation rules, exclusions, dashboards, reports).System Administration & ScriptingExperience with Linux/Windows system administration and command-line tools. Proficient in scripting languages such as Python and PowerShell, and query languages like KQL.Security Frameworks & Incident ResponseKnowledge of security frameworks (MITRE ATT&CK, NIST, CIS). Hands-on experience with incident handling and response processes.Troubleshooting & Problem SolvingStrong analytical skills to diagnose and resolve technical issues effectively.Communication & CollaborationExcellent verbal and written communication skills, with the ability to explain complex technical concepts to both technical and non-technical audiences. Strong teamwork and collaboration skills.Platform FamiliarityDemonstrate proficiency with the Kraft Kennedy SOC stack.Education and Experience:Must hold or be able to obtain within one “1” working year, two “2” Microsoft security certifications, AZ-500 and SC-200, required by Kraft Kennedy. *These are subject to change per Kraft Kennedy requirements.Minimum of 3 years of experience in IT Security or related field is requiredExperience with EDR, Mail Hygiene, Zero Trust and Vulnerability management tools.Ability to manage and prioritize multiple assignments while meeting deadlines.Security Certifications (CISSP, GCIA GCIH, GCFA or GCFE) a plus!Compensation The base pay for this position has a range of $65,000- $75,000. The actual salary offer will take into account a wide range of factors including the individual’s qualifications, experience as well as location. In addition, certain positions are eligible for bonuses or commissions.Physical Requirements: · Prolonged periods of sitting at a desk and working on a computer.BenefitsMedical, dental, life and disability insurance401k with company matchHolidays/vacation/sick daysCutting edge training on the latest technologiesEmployee referral bonus programPhone reimbursementKraft Kennedy is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, ethnicity, age, disability, marital status, veteran status or any other characteristic protected by law.
