Wintrio LLC
SOC Tier I Analyst, 24x7 Monitoring Company Overview
Remote
·
Full time
Company website
As a SOC Tier I Analyst, you will support 24x7x365 monitoring of a federal client’s Microsoft-centric security environment. You will perform initial alert triage, validate security events, document findings, escalate incidents, and support continuous monitoring across Microsoft Sentinel, Microsoft Defender, identity, endpoint, cloud, and network telemetry.
About Wintrio LLC
Description
SOC Tier I Analyst, 24x7 Monitoring Company Overview
WINTrio LLC (WINTrio) is a leading provider of Cyber/DevSecOps, Cloud, Artificial Intelligence (AI)/Machine Learning (ML), and Agile Software Development solutions. We collaborate closely with federal and commercial clients to solve complex technical challenges by delivering innovative, agile, and cost-effective solutions. Our team is empowered to think creatively and deliver impactful results that drive measurable value.
Role: SOC Tier I Analyst
Location: Remote
Client: Long-term Federal/Public Sector
Work Authorization: US Citizen or Green Card preferred; must be able to pass federal background and suitability requirements.
Job Summary:
As a SOC Tier I Analyst, you will support 24x7x365 monitoring of a federal client’s Microsoft-centric security environment. You will perform initial alert triage, validate security events, document findings, escalate incidents, and support continuous monitoring across Microsoft Sentinel, Microsoft Defender, identity, endpoint, cloud, and network telemetry.
Key Responsibilities:
- Monitor Microsoft Sentinel and Defender XDR alerts in a 24x7x365 shift environment.
- Perform initial triage of security alerts and determine escalation paths.
- Review identity, endpoint, cloud, network, email, GitHub, SQL, and backup-related alerts.
- Document alert disposition, evidence, false positive rationale, and escalation notes.
- Follow approved playbooks and standard operating procedures.
- Escalate high-severity or suspicious activity to Tier II or Tier III analysts.
- Support monitoring of failed log ingestion, log forwarding issues, and Sentinel pipeline health.
- Assist in daily and weekly security operations reporting.
- Maintain accurate case documentation in SharePoint, Jira, Teams, or other government-furnished tools.
Required Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience.
- 2+ years of SOC, help desk security, cybersecurity monitoring, or IT operations experience.
- Basic understanding of SIEM operations, endpoint security, phishing alerts, identity events, and incident escalation.
- Familiarity with Microsoft Sentinel, Microsoft Defender, KQL, or comparable SIEM tools.
- Ability to work assigned shifts, including nights, weekends, or holidays as required.
- Strong documentation and communication skills.
Tools and Preferred Qualifications:
- Microsoft Sentinel, Defender XDR, MDE, MDI, Entra ID.
- KQL basics, Jira, SharePoint, Microsoft Teams.
- Security+, CySA+, SC-200, CEH, or equivalent preferred.
- Experience supporting federal or regulated environments preferred.
Benefits
- Medical, Dental, and Vision Insurance
- FSA & HSA options
- 401(k) Retirement Plan
- Annual Bonus & Profit Sharing
- Paid Time Off (PTO) & Vacation
- Employee Assistance Program (EAP)
- Life & Disability Insurance
Why Join WINTrio?
WINTrio is a people-first, employee-driven organization. We offer opportunities to grow across emerging technologies, program management, and business development while working on high-impact federal initiatives.
Equal Opportunity Employer
WINTrio LLC is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, gender identity, national origin, age, veteran status, or disability.
📩 Apply Now: https://www.wintrio.com/jobs/soc-tier-i-analyst-24x7-monitoring/
Salary
$10,000 - $300,000 per year