Security Operations Center Analyst

Job Summary:A SOC (Security Operations Center) Analyst is a cybersecurity professional responsible for monitoring, detecting, and responding to security threats within an organization's IT infrastructure. They act as the first line of defense against cyberattacks, working to identify, analyze, and mitigate security incidents. Responsibilities:Demonstrate proficiency in Schellman MethodologyGuide associates and peersObtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.)Successfully run a project from fieldwork through completionUnderstand and demonstrate ability to speak to Schellman's service lines at a high level and their leadersDemonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteriaDemonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2Know all four report opinion outcomes and ability to draft modified opinionsDemonstrate ability to identify if exception(s) would potentially yield a qualified opinionDemonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordinglySchellman MethodologyRead STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.)Review and demonstrate ability to apply concepts of AS 2.0 Reference GuideReview and demonstrate ability to apply concepts of “EWP WP Guidance”Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP)Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc.Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categoriesAbility to articulate qualified vs unqualified opinion; know all four types of opinionsLearn Schellman's services and service line leadersAdhere to and complete all matters included in the Associate Score CardAccurately manage and report time worked to each project / initiativeKnowledge, Skills, and Abilities:Working knowledge of Schellman’s services, methodology, and relevant professional standardsRequisite knowledge of applicable technology and security domainsHigh level of attention to detail and quality of work productClient service-orientedExcellent time management, organizational, and verbal and written communication skillsAbility to work on-site or remotely as a valuable contributor to a collaborative teamCapable of simultaneously managing assigned tasks for multiple projectsProficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman’s service delivery applicationsFull understanding and application of ethics, independence and Schellman’s values Education, Work Experience and CertificationsBachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controlsAbility to work well independently, within a team and with clients as well as travel ~40-50% (M-Th) Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e. CPA, CCSK or CISA)

Created: 2025-07-04