Security Operations (SOC) Consultant

Job Description

As a Security Operations (SOC) Consultant at McKee-Nix & Associates, you will be responsible for monitoring, detecting, analyzing, and responding to security threats across the organization. You will work closely with the security, IT, and operations teams to strengthen the company’s security posture, ensure timely incident response, and maintain the overall health of security tools and processes. This role requires strong analytical skills, technical expertise, and the ability to adapt quickly to evolving threats.

Key Responsibilities

Monitor security tools, SIEM dashboards, alerts, and logs to identify potential threats or suspicious activity.

Conduct initial triage, investigation, and escalation of security incidents according to established procedures.

Perform malware analysis, threat hunting, and vulnerability assessments as part of ongoing security operations.

Assist in developing and refining SOC playbooks, incident response plans, and escalation procedures.

Collaborate with IT and cybersecurity teams to remediate threats, implement preventive controls, and strengthen system security.

Maintain and optimize SOC technologies, including SIEM, EDR, IDS / IPS, and log management systems.

Provide detailed documentation of incidents, investigations, and corrective actions.

Conduct threat intelligence research and share actionable insights with internal teams.

Assist in post-incident reviews, ensuring lessons learned are translated into improvements.

Ensure all SOC activities align with internal policies, risk management standards, and compliance requirements.

Support the deployment of new security tools and assist in evaluating emerging technologies.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).

2–5 years of experience in SOC operations, incident response, or cybersecurity analysis.

Hands-on experience with SIEM tools (e.g., Splunk, Microsoft Sentinel, ELK Stack, QRadar).

Strong understanding of cybersecurity concepts, threats, vulnerabilities, and attack techniques.

Experience with security tools such as EDR, IDS / IPS, firewalls, and vulnerability scanners.

Familiarity with incident response methodologies and frameworks.

Ability to analyze logs, alerts, and network traffic to identify anomalies.

Strong written and verbal communication skills, with the ability to document findings clearly.

Ability to work in a fast-paced environment and manage multiple tasks simultaneously.

Industry certifications such as Security+, CySA+, CEH, or similar are a plus.

Benefits

Competitive salary plus performance-based incentives

Health, dental, and vision insurance

401(k) with company match

Generous paid time off, including vacation, holidays, and sick leave

Hybrid or on-site work options depending on company needs

Professional development support, including certification and training reimbursement

Travel reimbursement for business-related engagements

Career growth opportunities into senior SOC, incident response, or security engineering roles

Wellness benefits, including mental health resources and wellness stipend

Paid parental or family leave

Requirements

Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 3+ years of experience in cybersecurity consulting, advisory, or professional services. Hands-on experience with security assessments, architecture design, and risk management. Knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls). Experience with regulatory compliance (e.g., GDPR, HIPAA, PCI-DSS) is preferred. Strong understanding of cloud security (AWS, Azure, GCP), identity management, encryption, and network security. Excellent communication skills, both technical and non-technical, with experience presenting to executives and technical teams. Consulting mindset : strong problem-solving, client-facing experience, and ability to lead engagements. Certifications such as CISSP, CISM, CRISC, or equivalent are a plus.