Senior Security Operations Center Analyst

Join a winning team of innovative thinkers, seasoned mortgage professionals, and financial experts. Build your career at Planet—recognized as a Top Mortgage Employer by National Mortgage Professional.

Job Summary

The Senior Security Operations Center (SOC) Analyst is responsible for leading advanced monitoring, detection, and response efforts to protect the organization’s systems, data, and users. This role continuously monitors applications, networks, and endpoints for anomalies or potential security breaches, and manages case workflows across incident response, forensics, and threat investigations. The analyst executes and refines incident response plans, coordinates cross-functional efforts, and preserves forensic evidence for legal or internal analysis. Additionally, proactively gathers and applies threat intelligence to update detection rules and response processes, conducts threat hunting to uncover hidden risks, and supports legal and HR investigations through eDiscovery case setup and data collection. This position plays a key role in strengthening the organization’s security posture through strategic analysis and operational excellence.

Essential Duties and Responsibilities

• Monitoring & Detection: Continuously monitor systems, applications, users, data, and networks for unusual activity, anomalies, or potential security breaches. (Case Mgmt).
• Incident Response: Act quickly to investigate and mitigate security incidents, such as data breaches, malware infections, or unauthorized access.  Establish and execute an incident response plan, coordinating efforts across teams. (Case Mgmt)
• Forensics: Investigate and analyze cyber incidents to determine the root cause and extent of the impact.  Preserve evidence for legal proceedings or further internal analysis. (Case Mgmt)
• Threat Intelligence: Gather, analyze, and apply information about emerging threats and vulnerabilities.  Work with security engineers to proactively prepare defenses based on insights from internal and external sources.  Update detection rules and response processes accordingly. Threat Hunting: Actively search for hidden or undetected threats within an organization's systems and networks using various tools and techniques
• Solution Engineering: Build and deploy security tools, capabilities, and technologies tailored to organizational needs.  Ensure solutions are scalable, efficient, and integrate seamlessly with existing systems. (Engineering & Architecture)
• eDiscovery: Ability to set up cases providing needed data to support legal searches or HR investigations)
• Reviews and updates policy and procedures that support the Information Security Program.
• Performs miscellaneous duties as assigned (Process improvement, Training, Documentation, etc.).

Position Requirements

Education

• High school diploma or GED equivalent required
• Bachelor’s degree in computer science, cybersecurity, or other related program preferred
• Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC, especially GSEC or GCIH), Microsoft Certified: Security Operations Analyst Associate, Certified Incident Responder (CIR) – SANS

Experience

• Minimum of 5 years’ experience in mortgage loan collections
• Uhk
• Minimum of seven (7) years of Information Security experience required
• Minimum of three (3) years of experience working as a SOC analyst
• Experience working with external service providers
• Experience working in non-security IT roles such as systems, network, development, or other IT areas a plus

Functional/Technical Skills

• Hands-on experience with Endpoint, Detection, and Response (EDR) tools (Cortex XDR, Sentinel One, or Crowdstrike)
• Proficiency with Windows and Linux operating systems, including command-line usage to support process analysis
• Proficiency in Cloud security tools within Azure and AWS
• Ability to interpret and analyze scripts such as Python and PowerShell
• In-depth knowledge of current threats, vulnerabilities, and emerging attack techniques
• Understanding of system internals (e.g., processes, memory, registry)
• Strong knowledge of network security principles

•     Strong written and verbal communication skills with the ability to convey technical expertise to diverse audiences

•     Strong understanding of information security controls, risks and threats

• Strong knowledge of enterprise security technologies, e.g., Virtual Private Network (VPN), Encryption, Firewalls, Intrusion Detection/Prevention, and Anti-Virus, SOAR, Email security, CNAPP, IAM

Environmental/Physical Demands

Work is typically preformed in a standard office environment. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without accommodation. While performing the duties of this job, the employee is:

• On-call availability for evenings/weekends if needed.
• Limited travel may be required
• Required to sustain predictable work attendance,
• Frequently required stand, walk, sit, climb stairs or ladder, stoop, kneel, crouch or crawl, and use arms, hands and fingers to reach, handle or touch, operate, place, or position.
• The employee must occasionally lift and/or move up to 50 pounds.
• Regularly required to communicate with others, detect, converse with, discern, convey, express oneself, and exchange information.
• Specific vision abilities required by this job include close vision, and ability to adjust focus.

Pursuant to the Americans with Disabilities Act, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Benefits

Our benefits package includes 3 comprehensive Cigna or Kaiser medical plans, dental, and vision insurance. We provide short term and long-term disability insurance, basic life insurance, 401(k), and 11 employer paid holidays. In addition, we offer supplemental benefits to include life insurance, critical illness and accident plans.                                                                                          

Planet Home Lending does not accept unsolicited resumes or candidate submissions from recruiters or employment agencies. In the absence of an enforceable, fully executed agreement for a specified position, Planet Home Lending has no obligation to pay any compensation or recruiter fee of any kind. In the event a recruiter, agency or other similar third-party submits a resume or candidate without a valid binding agreement, Planet Home Lending explicitly reserves the right to pursue and hire those candidate(s) without any obligation or compensation to the referring party. Any unsolicited resumes, referrals, or candidate submissions, including those communicated to a member of the Human Resources team or a hiring manager, shall be deemed the property of Planet Home Lending.  If you or your agency would like to be considered as a future recruiting partner, please email HR-Recruiting@planethomelending.com.