SOC Analyst

Company Overview:

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries.

Position Overview:

We are hiring multiple SOC Analysts at the Tier 1 and Tier 2 levels to staff our Day, Swing, and Night shifts. You will be a frontline defender for a diverse portfolio of clients — monitoring detections, triaging alerts, leading investigations, executing response playbooks, and continuously improving the way we detect and respond to threats.

This role is ideal for analytical, curious, and resilient practitioners who enjoy fast-paced work, want exposure to a broad range of environments and technologies, and care deeply about protecting customers.  

Responsibilities:

Continuously monitor and triage alerts and detections across SIEM, EDR/XDR, identity, email, network, and cloud telemetry for our managed client base, applying severity classification and initial enrichment on every event you touch.

Investigate suspicious activity end-to-end — from validation and pivoting through to root-cause analysis — using knowledge of attacker tradecraft, the MITRE ATT&CK framework, and the cyber kill chain to reach confident, well-supported conclusions.

Execute documented response playbooks to contain threats, including isolating hosts, disabling compromised accounts, blocking indicators, resetting credentials, and coordinating handoffs with client and engineering teams.

Partner with Detection Engineering to reduce noise and false positives, and to propose, test, and deploy new analytics, automations, and SOAR playbooks that make the SOC faster and more accurate.

Maintain audit-grade documentation throughout every case, capturing notes, timelines, and customer-facing communications cleanly in the ticketing and case-management system.

Consistently meet triage, investigation, and notification SLAs while sustaining high accuracy, low false-positive rates, and strong client satisfaction across the portfolio.

Drive continuous improvement of the SOC by feeding lessons learned back into detections, playbooks, runbooks, and knowledge-base articles in partnership with SOC Leadership and Detection Engineering.

Operate on an assigned shift (Day, Swing, or Night) within a 24x7 rotation — including weekends and holidays as scheduled — and respond to on-call escalations when required.

Qualifications:

One or more years in an IT security role or IT support role with significant security responsibilities.

Working knowledge of core security concepts: TCP/IP, common protocols, Windows and Linux fundamentals, Active Directory / Entra ID, cloud (Azure / AWS / GCP) basics, and common attacker techniques.

Familiarity with at least one SIEM and one EDR/XDR platform; comfortable writing or modifying basic queries (KQL, SPL, or similar).

Demonstrated ability in effective communication and collaborating in a diverse high-performance team environment a strong commitment to customer service.

Individuals will be required to submit to a background examination.  

Location:

Remote candidates across North America will be considered, with preference given to candidates in or near one of our hub locations:

Nashville, Tennessee, USA

Duluth, Georgia, USA

Candidates must be legally authorized to work in the country where they reside. Arctiq does not sponsor work Visas at this time.

Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.

We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.