Note: The job is a remote job and is open to candidates in USA. The University of Texas MD Anderson Cancer Center is seeking a Senior Cybersecurity Analyst Security Operations Center to serve within the Cybersecurity department, supporting the Security Operations Center (SOC). This role is responsible for continuous monitoring, detection, analysis, and response to cybersecurity threats and incidents, contributing directly to protecting critical systems and data.
Responsibilities
- Lead continuous monitoring of the institutional environment using SIEM and detection platforms
- Develop, tune, and maintain correlation rules, detection use cases, and alerting content
- Identify malicious or anomalous activity through advanced threat detection techniques
- Lead response to escalated Tier 1 alerts and security incidents
- Investigate root causes and determine scope and impact of incidents
- Manage containment and eradication procedures to resolve threats
- Proactively hunt for hidden threats and anomalous activity across systems
- Operationalize threat intelligence including indicators of compromise and adversary TTPs
- Map observed activity to the MITRE ATT&CK framework to enhance detection and response
- Develop and maintain detection logic, use cases, and automated response playbooks
- Minimize false positives through continuous tuning and optimization
- Leverage AI technologies, including generative and agentic capabilities, to improve SOC performance
- Support development and implementation of AI agents integrated with security tools and MCP
- Serve as a technical lead and escalation point for SOC analysts
- Mentor junior and mid-level analysts and lead knowledge transfer activities
- Develop SOC metrics, dashboards, and reports on performance and threat trends
- Maintain SOC workflows, runbooks, and standard operating procedures
- Support escalation of complex incidents to Tier 3 or CSIRT teams
Skills
- Bachelor's Degree Computer Information Systems, Business Information Systems, Computer Science or related field
- 5 years Experience in information security/cybersecurity experience, to include experience in multiple security domains
- Ability to work an on-call rotation and/or shift coverage as required by 24x7 SOC operations
- Master's Degree Information Security, Computer Science or related field
- At least 4–5 years of hands-on experience working in a Security Operations Center performing alert triage, investigation, and incident response, hands-on (querying, building/tuning detections, dashboards) in an enterprise SIEM, direct experience leading or serving as a primary responder on security incidents through the full lifecycle, relevant industry certification (e.g., GCIA, GCIH, GCFA, CySA+, Security+, or equivalent)
- CISSP Certified Information Systems Security Professional
- Certified Information Systems Auditor (CISA)
- Other applicable industry certifications
Benefits
- Employer-paid medical coverage starting day one for employees working 30+ hours/week, plus optional group dental, vision, life, AD&D, and disability insurance.
- Accruals for PTO and Extended Illness Bank, plus paid holidays, wellness, childcare, and other leave options.
- Tuition Assistance Program after six months of service and access to extensive wellness, fitness, and employee resource groups.
- Defined-benefit pension through the Teachers Retirement System, voluntary retirement plans, and employer-paid life and reduced salary protection programs.
- Referral Bonus Available?
- Relocation Assistance Available?
Company Overview