Franklin Templeton

Sr. IS Analyst - Security Operations

Franklin Templeton  •  $115k - $135k/yr  •  Petersburg, VA (Remote)  •  2 hours ago

Job Description

At Franklin Templeton, we believe success is built through powerful partnerships. As a forward-thinking asset manager, we build dynamic relationships with clients, understand their goals, and navigate complex markets together. We leverage cutting-edge strategies and deep insights to unlock opportunities for long-term wealth creation. Our talented, global teams bring expertise that is both broad and unique.

From our welcoming, inclusive, and supportive culture to our globally diverse business, we offer opportunities not only to help you reach your potential, but also to contribute to our clients’ success.

Role Scope

Independently monitor, triage, investigate, and respond to security alerts and incidents while coordinating containment, remediation, and escalation activities. The role is expected to handle most day-to-day SOC investigations, improve detection quality, contribute to threat hunting, maintain strong case documentation, and provide guidance to analysts when required.

The role is responsible for advanced security monitoring, investigation, and incident response in a 24x7 SOC environment. It requires strong analytical thinking, evidence-based investigation, and the ability to correlate activity across endpoints, network, identity, email, cloud, applications, and enterprise security tools.

The role contributes to SOC maturity by improving detection rules, use cases, escalation logic, playbooks, investigation guides, and response documentation. It also supports threat hunting, post-incident reviews, stakeholder communication, and remediation tracking to strengthen the organization’s overall detection and response posture.

Core Objective

Lead SOC investigations, incident response, containment, and remediation while improving detection coverage, response effectiveness, threat hunting outcomes, and SOC operational maturity.

What is the Security Operations Center (SOC) responsible for?

The SOC is responsible for continuously monitoring and improving the organization’s security posture by preventing, detecting, analyzing, and responding to cybersecurity incidents using security tools, threat intelligence, defined processes, and operational response capabilities.

How you will add value

  • Monitor, analyze, triage, and investigate security alerts, events, and medium to high severity incidents using established SOC processes, playbooks, and escalation paths.

  • Perform detailed investigation of suspicious activity across endpoints, network, identity, email, cloud, applications, and other enterprise security technologies.

  • Validate alerts, determine scope and impact, identify affected users, systems, accounts, and data, and distinguish true positives from false positives.

  • Lead and support incident response activities across the incident lifecycle, including detection, analysis, containment coordination, remediation tracking, recovery support, and closure documentation.

  • Perform root cause analysis for security incidents and document evidence, timeline, impact, actions taken, remediation recommendations, and lessons learned.

  • Conduct threat hunting using threat intelligence, indicators of compromise, behavioral patterns, attack techniques, and frameworks such as MITRE ATT&CK.

  • Review, tune, and improve SIEM, EDR, XDR, and related detection rules, correlation logic, alert thresholds, and monitoring use cases to improve detection accuracy and reduce false positives.

  • Identify gaps in logging, monitoring, alerting, detection coverage, escalation, and response processes, and recommend practical improvements.

  • Prepare clear incident reports, investigation summaries, escalation notes, and stakeholder communications for technical and non-technical audiences.

  • Collaborate with security engineering, infrastructure, application, cloud, identity, and business teams to support investigation, containment, remediation, and control improvement.

  • Track remediation actions with responsible teams and ensure incident-related risks, findings, and corrective actions are addressed in a timely manner.

  • Maintain and improve SOC playbooks, runbooks, standard operating procedures, knowledge articles, investigation guides, and response documentation.

  • Ensure alerts, incidents, investigation steps, evidence, decisions, and closure notes are accurately documented in ticketing or case management systems.

  • Support analysts through investigation guidance, knowledge sharing, and review of incident handling quality.

  • Participate in post-incident reviews and identify improvements to detection coverage, response processes, threat hunting, and operational maturity.

What will help you be successful in this role

  • Educational background in Cybersecurity, Computer Science, Information Technology, Engineering, or a related discipline, preferably with cybersecurity-focused coursework, specialization, or practical security exposure.

  • 4-7 years of hands-on experience in SOC, security operations, incident response, threat detection, security monitoring, or related cybersecurity operations roles.

  • Strong hands-on experience with SIEM and EDR/XDR platforms, including alert investigation, log analysis, case handling, incident scoping, and evidence collection.

  • Strong understanding of security operations concepts, including alert triage, incident response, threat detection, attack techniques, networking fundamentals, operating systems, identity security, cloud security, and core security principles.

  • Ability to analyze logs, alerts, telemetry, user activity, system events, and investigation evidence to identify patterns, anomalies, root cause, and potential security impact.

  • Experience improving detection rules, correlation logic, alert quality, use cases, monitoring coverage, and false positive reduction.

  • Practical knowledge of MITRE ATT&CK, threat intelligence, indicators of compromise, attacker behavior, and common threat hunting approaches.

  • Familiarity with common security frameworks and control references such as NIST, CIS, and related industry practices.

  • Exposure to cloud environments, identity and access technologies, email security, network security, endpoint security, threat intelligence, ticketing systems, or security analytics platforms.

  • Basic scripting or automation exposure using Python, PowerShell, APIs, JSON, REST, or similar technologies is a plus, especially for investigation support and operational efficiency.

  • Strong attention to detail, structured thinking, ownership, curiosity, and ability to manage multiple concurrent incidents in a 24x7 operating environment.

  • Effective written and verbal communication skills with the ability to document findings clearly, explain technical observations, and collaborate with stakeholders and leadership.

Work Schedule & Location

  • This role will work a hybrid schedule in the St. Petersburg, FL office, 3 days/week.

Franklin Templeton offers employees a competitive and valuable range of total rewards – monetary and non-monetary – designed to support their well-being and recognize their time, talents, and results. Along with base compensation, employees are eligible for an annual discretionary bonus, a 401(k) plan with a generous match, and recognition rewards. We also offer a comprehensive benefits package, which includes a range of competitive healthcare options, insurance, and disability benefits, employee stock investment program, learning resources, career development programs, reimbursement for certain education expenses, paid time off (vacation / holidays / sick / leave / parental & caregiving leave / bereavement / volunteering / floating holidays) and a motivational wellbeing program. We expect the annual salary for this position to range between $115,000 – $135,000, depending on location and level of relevant experience, plus discretionary bonus.

At Franklin Templeton, we believe your benefits should support your life, your goals, and your future. That’s why we offer a comprehensive Total Rewards package designed to help you thrive both personally and professionally.

Highlights of our benefits include:

- Paid Time Off: Three weeks of PTO in your first year

- Health Coverage: Competitive medical, dental, and vision insurance to support your well-being

- Retirement Savings: 401(k) plan with an 85% company match on pre-tax and/or Roth contributions, up to IRS limits

- Equity & Investing: Employee Stock Investment Plan (ESIP) with discounted share purchase opportunities

- Learning: Education Assistance Program (LEAP) to support your ongoing growth and career advancement

- Employee Investment Benefits: Opportunity to purchase company funds with no sales charge

Franklin Templeton is an Equal Opportunity Employer. We are committed to providing equal employment opportunities to all applicants and employees, and we evaluate qualified applicants without regard to ancestry, age, color, disability, genetic information, gender, gender identity, or gender expression, marital status, medical condition, military or veteran status, national origin, race, religion, sex, sexual orientation, and any other basis protected by federal, state, or local law, ordinance, or regulation.

About Franklin Templeton

Franklin Resources, Inc. [NYSE:BEN] is a global investment management organization with subsidiaries operating as Franklin Templeton (www.franklinresources.com).

The products, services, information and materials referenced in this site may not be available to residents in certain jurisdictions. Consult with an investment professional or contact your local Franklin Templeton office for more information. This site and the information contained herein is not intended to constitute an offer to sell or an invitation or solicitation of an offer to buy any product or service by Franklin Templeton. Nothing in this website should be construed as investment, tax, legal or other advice.

All investments involve risks, including potential loss of principal.

LinkedIn is owned by a third party unaffiliated with us. We are not responsible for LinkedIn’s privacy, security, or terms of use policies that control this service, nor their content, software, or tools (or those of any third party’s) that are available through links from this page. You use any third-party site/media, software and materials at your own risk. US readers:

View our Terms and Conditions at: https://www.franklinresources.com/resources/social

©Franklin Templeton. All rights reserved.

Industry: Finance & Insurance
Company Size: 10,000+ employees
Headquarters: San Mateo, California
Year Founded: 1947