CyberSOC Consultant

SRA’s mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It’s Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal.  

These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.  

Summary/Objective  

The Cybersecurity Operations Consultant is an entry-level role on Security Risk Advisors’ CyberSOC team. You will help monitor, triage, and investigate security alerts across endpoint, network, identity, and cloud data sources, and you will document and communicate findings suitable for client consumption. This role supports 24x7 SOC operations and provides exposure to multiple client environments, modern security tooling, and structured mentorship and training.   

Essential Functions    

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  

• Continuously monitor and triage security alerts across endpoint, network, identity, and cloud telemetry. 

• Investigate alerts to determine severity, scope, and whether activity is benign, suspicious, or malicious; escalate per documented procedures. 

• Perform initial incident response support activities such as evidence collection, timeline development, and basic containment recommendations under supervision. 

• Use SIEM, EDR, NDR/NSM, and SOAR platforms to detect, investigate, and respond to threats; examples include Splunk or Microsoft Sentinel (SIEM), CrowdStrike Falcon or Microsoft Defender for Endpoint (EDR). 

• Leverage threat intelligence and common frameworks (e.g., MITRE ATT&CK) to enrich investigations and communicate attacker behavior clearly. 

• Thoroughly document work in case management systems, including investigation steps taken, evidence reviewed, decisions made, and recommended next actions. 

• Communicate status and findings to internal leadership and clients with professionalism and clarity (written and verbal). 

• Contribute to continuous improvement by identifying recurring false positives/noisy alerts and providing feedback for tuning and playbook updates. 

• Maintain proficiency through required training, labs, and knowledge sharing; follow policies to protect confidential information. 

Supervisory Responsibility    

Not applicable.  

Work Environment    

This job operates in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.  

Physical Demands    

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employee frequently is required to stand and walk. This is a largely sedentary role.  

Candidates with disabilities are encouraged to apply and email [email protected] with any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.  

Position Type/Expected Hours of Work    

This is a full-time position with 40 working hours expected weekly, typically worked over five consecutive days. New hires may be assigned to any of our three daily shifts (morning, day, or night) and will work a schedule that includes either Saturday or Sunday. Shifts are assigned based on current coverage needs and resource geolocation. Once assigned, you can expect a consistent shift week to week.   

This listing/description is for our team’s Blue Shift, which runs from 6:00 a.m. – 3:00 p.m. Ireland Time. (This corresponds to 1:00 a.m. – 10:00 a.m. EST.) 

Travel    

• Occasional travel may be requested for onboarding and training (e.g., to an SRA office).   

• Team members who live within reasonable distance of an office are encouraged to work from the office regularly for mentorship, experience, and exposure, based on business needs and role requirements.  

Requirements

Required Education and Experience    

• Bachelor’s degree in Information Technology, IT Security, Computer Science, Computer Engineering, or equivalent experience.  

• 1-3 years of professional experience, campus applicants are welcome.   

• Punctuality and timely attendance to external client and internal stakeholder needs. 

Preferred Qualifications and Experience 

• Coursework, labs, internship, or work experience in one or more of: incident investigation, digital forensics fundamentals, information security, systems administration, or computer networking.  

• Familiarity with common log sources and security concepts (e.g., authentication logs, Windows event logs, DNS, HTTP, email security).  

• Comfort learning new tools and following documented processes; strong attention to detail and case documentation habits.  

• Strong written and verbal communication skills and a high level of professionalism in client-facing environments.  

• Ability to work effectively on a team while owning independent tasks and meeting deadlines.  

• Interest in automation/scripting (e.g., PowerShell or Python)  

• Security certifications (e.g., SC-200, Security+, Network+, etc.).    

Other Duties  

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.  

Benefits

4% match pension scheme, full family VHI and dental cover, compressed hours, laptop provided, training/education allowance.

Security Risk Advisors is a fast growing 300+ person company with offices in Philadelphia, Rochester, New York and Kilkenny, Ireland. We deliver state-of-the-art cyber security consulting services to Fortune 1,000 organizations in the Financial Services, Healthcare, Pharmaceutical, Technology, Industrial and Consumer Products industries. Security Risk Advisors maintains a fast-paced and innovative culture that focuses exclusively on engagements that solve the emerging needs of our clients. Our environment fosters the continuous professional development necessary to remain at the top of our game.

To find out more about us, please visit our website at: https://sra.io

EEO Statement  

Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.    

SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.