Job Overview:
The Cybersecurity Analyst – SOC Operations is responsible for monitoring, detecting, investigating, and responding to cybersecurity threats across the enterprise environment. This role serves as a key member of the Security Operations Center (SOC) and focuses on threat detection, incident response, endpoint security, identity threats, and security monitoring of enterprise infrastructure, cloud environments, and critical business systems.
The analyst will investigate security alerts, triage incidents, correlate threat intelligence, and collaborate with IT and infrastructure teams to contain and remediate cybersecurity risks. This position plays an operational role in maintaining enterprise security visibility and minimizing cyber risk exposure.
Key Responsibilities/Accountabilities:
Security Monitoring & Threat Detection
Monitor enterprise security tools and alerts for suspicious activity, malicious behavior, or policy violations.
Analyze and triage security events generated from:SIEM platforms
Endpoint Detection & Response (EDR)
Email security platforms
Network monitoring tools
Identity and access monitoring solutions
Cloud security platforms
Investigate indicators of compromise (IOCs), anomalous behaviors, and suspicious user activity.
Correlate logs and events across multiple security systems to identify threats.
Escalate high-risk incidents according to playbooks and incident severity classifications.
Incident Response
Participate in cybersecurity incident response activities including:Detection
Triage
Containment
Eradication
Recovery
Post-incident review
Investigate phishing, malware, ransomware, account compromise, insider threat, and unauthorized access incidents.
Document incident findings, root cause analysis, and remediation recommendations.
Support after-hours cybersecurity response activities when necessary.
Endpoint, Identity & Network Security
Monitor endpoint security posture and investigate endpoint-related threats.
Analyze authentication anomalies including:Privileged account misuse
Impossible travel
MFA anomalies
Suspicious logins
Excessive failed authentication attempts
Support Zero Trust security initiatives through continuous monitoring of identity, device, and access risks.
Investigate unusual network behavior and lateral movement attempts.
Cloud Security Monitoring
Monitor cloud security events across Microsoft 365, Azure, SaaS platforms, and enterprise cloud services.
Investigate risky cloud behaviors, privilege escalation, abnormal sharing, and unauthorized access attempts.
Assist with remediation of cloud security findings and misconfigurations.
Vulnerability & Exposure Management Support
Review vulnerability scan results and assist with prioritization of remediation activities.
Validate remediation of critical vulnerabilities.
Monitor exposure trends and recurring weaknesses affecting enterprise systems.
Security Automation & Continuous Improvement
Assist in developing playbooks and incident response procedures.
Support SOAR workflows and automation initiatives.
Identify opportunities to improve detection coverage and operational efficiencies.
Contribute to lessons learned and continuous improvement activities.
Requirements / Basic Qualifications:
Security Monitoring & Detection
SIEM platforms such as Microsoft Sentinel, Splunk Enterprise Security, or similar
EDR/XDR solutions such as Microsoft Defender for Endpoint or comparable platforms
Security log analysis and event correlation
Identity & Access Security
Identity monitoring in environments such as:Microsoft Entra ID
Active Directory
Privileged Access Management systems
Authentication threat analysis
Network & Cloud Security
Firewall, DNS, proxy, and network telemetry analysis
Experience with:Zscaler
Microsoft security ecosystem
Cloud security monitoring tools
Familiarity with SaaS and remote-access security models
Automation & Response
Experience with scripting (PowerShell, Python, or Bash preferred)
Familiarity with SOAR and security automation
Preferred Certifications:
Preferred certifications include:
CompTIA Security+
CompTIA CySA+
GCIH
AZ-500
CISSP (preferred for senior analyst level)
Company Overview:
For nearly six decades, Primoris has built a reputation for taking on challenges that others will not – setting the bar ever higher for us and our industry with each project.
Now, as we build a sustainable infrastructure that supports the growing needs of the nation – and the world – we reaffirm innovation, quality, service, and safety as our core values. And we remind ourselves that the pioneering spirit of yesteryear fuels the imagination of today.
Primoris Services Corporation (Primoris) is ranked in the top 10% of the prestigious Top 400 Contractors List by Engineering News Record (ENR), having built projects throughout the United States as well as Latin America, South and Central America, and Southeast Asia.
We build great projects because we have built a great company – and insist on great performance.
And that’s a product of our people, passion, and partners.
Company Overview:
Primoris Services Corporation is a premier specialty contractor providing critical infrastructure services to the utility, energy, and renewables markets throughout the United States and Canada. Built on a foundation of trust, we deliver a range of engineering, construction, and maintenance services that power, connect, and enhance society. On projects spanning utility-scale solar, renewables, power delivery, communications, and transportation infrastructure, we offer unmatched value to our clients, a safe and entrepreneurial culture to our employees, and innovation and excellence to our communities. To learn more, visit www.prim.com and follow us on social media at @PrimorisServicesCorporation.
Benefits:
401k w/employer match
Health/Dental/Vision insurance plans
Paid time off
10 paid holidays
Stock purchase plan
EEO Statement
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Agency Statement
We are not accepting resumes from Third Party Recruiting Firms for this position. If you are an Agency or Search firm representative, contact the Primoris Talent Acquisition Manager directly for consideration. Primoris or its subsidiaries will not be responsible for any fees arising from the use of resumes and online response forms through this source. In addition, Primoris or its subsidiaries will not be responsible for any fees on unsolicited resumes that are submitted to any member of the Staffing or Operations team. Primoris has established an approved vendor program for this service and will only consider accepting submissions from those approved firms. For consideration in becoming an approved vendor, contact HR.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.