Careers - SOC Analyst II

SOC Analysts at CPSI are responsible for monitoring and maintaining the systems used in our internal security program. This includes following procedures to triage and investigate security alerts and escalating issues as necessary. SOC Analysts have opportunities for mentorship from more senior members of the team, involvement in maturing procedures, evaluating new security technologies, incident response, and penetration testing, and the freedom to try out new ideas and technologies to improve the SOC and overall security posture.


  • Performs network security monitoring, security event triage, and incident response for the organization; coordinates with other team members and management to document and report incidents.
  • Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems.
  • Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules.
  • Ensures that we implement best-practice security policies that address the client's business needs while protecting their vital corporate assets.
  • Evaluates firewall change requests and assesses organizational risk.
  • Provides support for ongoing projects by assisting in the implementation, testing, and documentation of security-related projects.
  • Participates in the planning and direction of security risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of CPSI's information assets to determine exposure and compliance levels.
  • May be engaged in other information security or risk management projects.
  • Other duties as assigned.

Minimum Requirements

  • Above all else: A passion for real-world Information Security.
  • Demonstrated desire to continuously learn and improve skills.
  • Ability to apply analytical concepts for problem solving.
  • Ability to work well as part of a team.
  • Excellent communication skills.
  • Highly detail-oriented.
  • Knowledge of common internet attacks to include various types of fraud and scams.
  • Basic understanding of Unix/Linux command line.
  • Knowledge of Internet and network concepts such as IP subnetting, DNS, HTTP, SMTP, etc.
  • Relevant education or experience relating to the IT industry.
  • SIEM experience.
  • Basic Network/System traffic/event analysis.
  • Basic Vulnerability Management.
  • Security Event Log monitoring.
  • Intrusion Detection/Prevention Monitoring.
  • Comfortable with impromptu tasking and loosely defined requirements.
  • Willingness to obtain industry certifications (Security+, CISSP, CEH).
  • Bachelor’s Degree or Higher in IT, IT Security, or Related Field.
    • 5 or more years of relevant work experience in lieu of degree
  • SIEM experience – with knowledge of content creation (rules, alerts, etc.).
  • Strong analytical and investigation skills.
  • Experience with incident response tools.
  • Experience with packet capture and analysis.
  • Experience with host and network forensics.
  • Strong understanding of security architectures and devices.
  • Strong understanding of threat intelligence consumption and management.
  • Strong understanding of root causes of malware infections and proactive mitigation.
  • Strong understanding of lateral movement, footholds, and data exfiltration techniques.
  • Ability to mentor and coach less experienced security analysts.
  • Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility.
  • Track record of creative problem solving, and the desire to create and build new processes.
  • Strong time management and multitasking skills as well as attention to detail.
  • Experience working in fast-paced environments, and the ability to manage workload even during times of stress or escalated activity.
  • Excellent oral and written communication skills.
  • Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.).

Apply now for a position in

Mobile, AL