Remote – but must reside in Seattle, WA
Multiple Openings
Compensation:
- Up to $83,000 annually upon SkillBridge completion
Schedule:
- Training Phase (First 2–3 Months): Monday–Friday, 8:30 AM–5:00 PM
- Post-Training: Overnight shifts with weekend rotations
- Shift formats: 5×8 or 4×10 (final schedule TBD)
- Must be able to work nights and weekends
About the Client
Our client is building a new, dedicated Security Operations Center (SOC) to support continuous security monitoring and incident response. The SOC will operate 24/7 and consist of a small, highly collaborative team of Tier 1 analysts serving as the first line of defense against cyber threats.
The Role
The Tier 1 SOC Specialist is the first line of defense in the SOC, responsible for monitoring alerts, triaging security events, and escalating potential threats in real time.
This role is intentionally designed as a career-entry point into cybersecurity operations, with structured training, hands-on exposure to enterprise tooling, and clear progression paths into Tier 2 SOC, incident response, threat hunting, or security engineering roles.
What You’ll Do
- Monitor security alerts across SIEM, EDR, and logging platforms
- Perform initial triage and classification of security events
- Escalate confirmed or high-risk activity to Tier 2 analysts
- Analyze logs from Windows, Linux, network, and cloud systems
- Investigate common threats such as phishing, malware, and unauthorized access
- Document findings and contribute to SOC playbooks and runbooks
- Operate in a shift-based SOC environment, including nights and weekends
Required Qualifications
Must-Have
- SkillBridge eligibility is required
- Must reside in the Seattle, WA metro area
- Prior exposure to SOC, incident response, or security monitoring (professional, internship, or military experience)
- Willingness and ability to work overnight shifts and weekends
Technical Foundations
- Basic understanding of:
  - Networking (TCP/IP, DNS, ports, traffic flow)
  - Windows and Linux system logs
  - Common security threats and attack types
- Hands-on familiarity with SIEM or EDR tools (Splunk, Sentinel, Defender, SentinelOne, etc.)
- Basic scripting exposure (PowerShell or Python preferred)
Professional Traits
- Strong attention to detail and documentation discipline
- Clear communication and comfort escalating issues
- Team-oriented mindset in a 24/7 operational environment
Career Growth & Upside
This role is built for long-term growth, not short-term staffing. Analysts who perform well will gain:
- Deep hands-on SOC experience with enterprise tooling
- Exposure to real-world incidents and operational security workflows
- Clear progression opportunities into Tier 2 SOC, IR, threat hunting, or cloud security roles
- A strong foundation for security certifications and advanced career paths
Nice to Have
- Security+ or similar entry-level certification
- Prior 24/7 SOC or shift-based operations experience
- Exposure to cloud platforms (Azure, AWS, or GCP)
- Familiarity with SOAR or security automation concepts
Work Environment
- Remote, with Seattle-area residency required
- Structured onboarding and training period
- High-trust, process-driven SOC environment
- Emphasis on learning, escalation discipline, and career development

