SOC Analyst
  • Location: Remote/Work From Home
  • Type: Full Time
  • Status: Inactive
  • Job Published: 06-11-2025

Description

Location: US - Remote within CST or EST zones

ECI delivers cloud-based business-critical ERP, CRM, and line-of-business applications to more than 25,000 customers worldwide. As part of our global Information Security team, the SOC Analyst will play a crucial role in monitoring, detecting, investigating, and responding to security incidents while supporting the ongoing maintenance and improvement of our CrowdStrike, Tenable, and SIEM platforms.

Job Description

The SOC Analyst will be a key member of the Information Security team, responsible for monitoring, detecting, and responding to security threats across ECI’s global infrastructure. This role requires a proactive approach to security event management, working closely with various stakeholders to investigate incidents, remediate vulnerabilities, and enhance detection capabilities within platforms such as CrowdStrike, Tenable, and SIEM solutions. The analyst will play a crucial role in identifying security gaps, refining alerting processes, and ensuring a rapid response to emerging threats.

In addition to security operations, the SOC Analyst will also support risk management efforts by assessing security risks across the organization. This includes evaluating security controls, assisting with risk assessments, tracking remediation efforts, and contributing to compliance initiatives such as SOC 2, ISO 27001, and NIST frameworks. The analyst will work closely with internal teams and compliance stakeholders to ensure that security risks are effectively managed, documented, and aligned with business objectives.

Beyond day-to-day security operations, this role also involves collaborating with internal teams to improve security posture, develop playbooks, and contribute to compliance initiatives. The ideal candidate will be highly analytical, detail-oriented, and capable of balancing technical expertise with effective communication to ensure that security incidents are handled efficiently and that security best practices are continuously reinforced across the organization.

Duties And Responsibilities

  • Monitor and respond to security alerts from CrowdStrike, SIEM, and other security platforms.
  • Triage detections, conduct initial investigations, escalate when necessary, and follow through to remediation and resolution.
  • Work with IT, engineering, and business teams to investigate security events and ensure full mitigation.
  • Assist in the maintenance and tuning of security monitoring tools to enhance detection capabilities.
  • Support risk management efforts by driving remediation initiatives and fostering stakeholder understanding of security risks and mitigation strategies.
  • Contribute to incident response efforts, including forensics, containment, and recovery.
  • Support threat-hunting activities by identifying anomalous behaviors, researching emerging threats, and improving detection techniques.
  • Perform vulnerability scanning, assessment, and reporting using Tenable and work with relevant teams to track remediation efforts.
  • Document security incidents, findings, and remediation actions in ticketing systems (e.g., JIRA).
  • Work with internal teams to refine alerting thresholds, detection rules, and automation.
  • Assist in the review and creation of security policies and procedures related to endpoint and cloud security.
  • Participate in security awareness training and social engineering campaigns to improve user security hygiene.
  • Support security compliance efforts (e.g., SOC 2, ISO 27001, NIST, FedRAMP) by providing logs, reports, and evidence as required.

Qualifications & Experience

  • Bachelor’s degree or 5+ years of experience in Information Security, Risk Management and Data Protection.
  • Ability to work within a security framework to identify gaps and recommend mitigations.
  • Experience with penetration and vulnerability testing techniques a plus.
  • Able to help develop methods for detecting and preventing threat actor tactics and techniques.
  • Good understanding of security defense measures and mechanisms.
  • Familiarity with incident response concepts a plus.
  • Fundamental technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructure.
  • Substantial experience with policy frameworks and regulations such as CMMC, SOC 2, ITAR, ISO 27001/27002, NIST, GDPR, etc.
  • Experience with risk management in a compliance and/or security context.
  • Strong communication and organizational skills, outstanding attention to detail, and excellent problem-solving and follow-up skills.
  • Must be able to participate in team meetings, supporting the team Lead/Manager by translating stakeholder requirements and business needs into clearly articulated technical processes and objectives.
  • A commitment to furthering ECI’s culture and values and to providing extraordinary service.
  • Preferred: one or more of the following certifications: CISA, CISM, CISSP, CIPP.

The International Traffic in Arms Regulations (ITAR) is the United States regulation that controls the manufacture, sale, and distribution of defense and space-related articles and services as defined in the United States Munitions List (USML). Besides rocket launchers, torpedoes, and other military hardware, the list also restricts the plans, diagrams, photos, and other documentation used to build ITAR-controlled military gear. This is referred to by ITAR as “technical data”. ITAR mandates that access to physical materials or technical data related to defense and military technologies is restricted to US Persons only.
