
SOC Analyst I

CBIZ
dental insurance, paid holidays, sick time
United States, New York, Melville
Mar 30, 2025

Status Category: Part-Time
Exempt/Non-Exempt: Non-Exempt
Scheduled Hours Per Week: 24
Job Code: IT172

Marcum LLP is thrilled to announce that we are now part of CBIZ and CBIZ CPAs, a partnership that unites us with one of the nation's top accounting and advisory providers. As part of this new chapter, we are pleased to confirm that you'll still be working with the same dedicated team and receiving the same high-quality service you've come to rely on.

CBIZ, Inc. is a leading professional services advisor to middle-market businesses and organizations nationwide. With unmatched industry knowledge and expertise in accounting, tax, advisory, benefits, insurance, and technology, CBIZ delivers forward-thinking insights and actionable solutions to help clients anticipate what's next and discover new ways to accelerate growth. CBIZ has more than 10,000 team members across over 160 locations in 21 major markets nationwide.

Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm providing audit, review, and attest services, while CBIZ provides business consulting, tax, and financial services. In certain jurisdictions, CBIZ CPAs continues to operate under its previous name, Mayer Hoffman McCann P.C.

As a Tier 1 SOC Analyst, you will play a critical role in our cybersecurity operations by receiving and performing initial triage of security alerts, incident intake, ticket updates, and reporting of cyber events. You will be responsible for maintaining ticket queues, escalating incidents to Tier 2 and Tier 3 analysts when necessary, and proactively monitoring various channels for security threats. There are several shifts available, 24 hours/week, 2nd and 3rd shifts.

Essential Functions & Primary Duties

  • Security Alert Triage: Receive and perform initial triage of security alerts, assess their severity, and determine appropriate actions for resolution.
  • Incident Management: Handle incident intake, update incident tickets, and ensure that all relevant information related to security events is accurately documented in the ticketing system.
  • Log Analysis: Review and analyze security logs and event data from various sources, such as firewalls, intrusion detection systems, and endpoint security tools, to identify potential security incidents.
  • Security Documentation: Maintain and update standard operating procedures (SOPs) and knowledge base articles to document incident response processes and best practices.
  • Threat Intelligence: Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques, and apply this knowledge to enhance the SOC's threat detection capabilities.
  • Ticket Queue Management: Maintain unassigned and assigned ticket queues, ensuring timely resolution and effective communication with stakeholders.
  • Escalation: Identify incidents that require the attention of Tier 2 and Tier 3 analysts and facilitate their escalation for further investigation and resolution.
  • Dashboard Monitoring: Proactively monitor security dashboards to detect and respond to emerging threats in real-time.
  • Indicators of Compromise (IOCs): Understand, identify, and research Indicators of Compromise (IOCs) to support threat detection and incident response efforts.
  • Hotline Support: Answer incoming hotline calls from clients, assisting them with security-related inquiries and incident reporting.
  • Email Security: Monitor and respond to various email accounts, investigate phishing emails, and take appropriate actions to mitigate email-based threats.
  • Client Communication: Monitor and respond to client Slack channels, providing timely updates on security incidents and maintaining effective communication with clients.
  • Reporting: Prepare weekly/monthly metric reports, including findings, actions taken, and visualizations to highlight improvements in client security controls and practices.

Preferred Qualifications

  • Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
  • Relevant certifications such as CompTIA Security+, CompTIA CySA+, GIAC Security Essentials (GSEC), or others are a plus.
  • Strong understanding of cybersecurity principles and technologies.
  • Excellent problem-solving and analytical skills.
  • Effective communication and interpersonal skills.
  • Ability to work in a fast-paced, high-pressure environment.
  • Willingness to work rotating shifts, including nights and weekends.
  • Prior experience in a SOC environment is preferred.

Minimum Qualifications

  • College degree or equivalent
  • 1 year related experience
  • Proficient use of applicable technology
  • Ability to follow technical instructions and guidelines
  • Ability to document daily activities and system functions
  • Able to work in a team environment
  • Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
  • Ability to travel as required by business and on-call availability
  • Able to lift up to 50 lbs.

The hourly rate for this job in this market is $30.47 - $37.17. The specific compensation for this role will be determined based on the education, experience, and skill set of the individual selected for this position.

The compensation above is not representative of an employee's total compensation. Beyond income, should you become a full-time team member, you have access to comprehensive medical and dental insurance, retirement savings, life and disability insurance, health care and dependent care reimbursement accounts, certification incentives, education assistance, referral program, paid holidays, paid vacation, sick leave and much more.

The application window is anticipated to close on or before March 31st, 2025.

#LI-CF2 #LI-Remote

CBIZ.Jobs Category: Technology Services

REASONABLE ACCOMMODATION

If you are a qualified individual with a disability, you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or by sending an email to accom@cbiz.com.

EQUAL OPPORTUNITY EMPLOYER

CBIZ is an equal opportunity employer and reviews applications for employment without regard to the applicant's race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit Know Your Rights.

Notice to Third-Party Agencies

CBIZ does not accept unsolicited resumes from recruiters or agencies. Any staffing/employment agency, person or entity that submits an unsolicited resume to this site does so with the understanding that the applicant's resume will become the property of CBIZ. CBIZ will have the right to hire that applicant at its discretion and without any fee owed to submitting staffing/employment agency, person or entity.

