Job Description
We’re seeking a future team member for the role of Senior SOC Analyst to join our Security Operations Center team. This role can be in Pittsburgh, PA or Lake Mary, FL. Schedule: Sunday-Thursday, 1 PM - 9 PM.
Key Responsibilities
- Lead triage and investigation of security alerts, escalating and coordinating incident response as needed.
- Perform root cause analysis, scope affected assets, and drive containment, eradication, and recovery.
- Correlate events across SIEM, EDR, IDS/IPS, firewalls, cloud logs, and identity platforms to identify true positives and reduce false positives.
- Develop, refine, and maintain SOC playbooks, runbooks, and detection logic aligned to the MITRE ATT&CK framework.
- Mentor junior analysts and provide guidance on investigation techniques, documentation standards, and operational best practices.
- Coordinate with Threat Intelligence to enrich investigations, track adversary TTPs, and proactively hunt for indicators of compromise.
- Partner with Engineering teams to tune detections, improve log fidelity, and strengthen preventive controls.
- Create clear, actionable incident reports and executive summaries; contribute to metrics and trend analysis.
- Support purple team exercises and post-incident reviews to capture lessons learned and drive continuous improvement.
- Ensure adherence to regulatory and security policies; maintain audit-ready documentation for investigations and incidents.
Qualifications
- 6+ years of experience in a SOC, incident response, or threat detection role, including Tier 2/3 investigations.
- Advanced proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and SOAR platforms.
- Strong knowledge of network security, Windows/Linux, identity systems, and common cloud logging sources.
- Hands-on experience with the MITRE ATT&CK framework, threat hunting, IOC/IOA development, and detection tuning.
- Demonstrated ability to lead complex incidents, coordinate stakeholders, and communicate clearly under time pressure.
- Scripting or automation experience (e.g., Python, PowerShell) for investigation enrichment and workflow improvements.
- Familiarity with NIST CSF/800-61, CIS Controls, and common regulatory requirements impacting incident response.
- Excellent documentation skills and an evidence-driven approach to investigations.
Preferred Qualifications
- Relevant certifications: GCIA, GCED, GCIH, GCFA, GNFA, CISSP, CCSP, or equivalent experience.
- Experience with ticketing and case management systems (e.g., ServiceNow) and knowledge management practices.
- Prior experience with threat intel platforms, sandboxing tools, and malware triage is a plus.
Work Schedule
- This role is scheduled Sunday-Thursday, 1 PM - 9 PM, to support operational coverage.
- Occasional flexibility may be required during major incidents or planned exercises.
At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.
Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary.