Sr SOC Analyst
Listed on 2026-01-12
IT/Tech
Cybersecurity, Security Manager, Systems Engineer
Legends Global is the premier partner to the world's greatest live events, venues, and brands. We deliver fully integrated premium services that keep our partners front and center through a white‑label approach. Our network of 450 venues worldwide hosts 20,000 events and entertains 165 million guests each year.
Job Title:
Sr SOC Analyst
Department:
Global Technology
Reports To:
VP, Cyber Security
FLSA Status:
Salaried/Exempt
The Senior SOC Analyst is responsible for detection, triage, and response operations across our enterprise. This role blends hands‑on incident handling with detection engineering, playbook development, and response automation. It delivers on alerts and case management, drives resilient detection strategies, and leads hunt efforts that proactively surface threats before they become incidents.
Essential Duties And Responsibilities
- Build and operationalize SOC playbooks and escalation workflows.
- Lead alert triage, enrichment, and false‑positive suppression.
- Author detection requirements; write and tune SIEM rules.
- Develop hunt hypotheses; lead hunt programs using advanced telemetry and signals intelligence.
- Design detection strategies across the kill chain; drive enterprise detection strategy.
- Execute incidents end‑to‑end: containment/eradication, documentation, and communication.
- Conduct post‑incident reviews and drive remediation and control improvements.
- Encourage industry collaboration; embed resilient detection engineering practices.
- Advocate and implement automation‑first incident response.
To perform this job successfully, an individual must be able to perform each essential duty with energy and enthusiasm. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education And/or Experience
- Proven experience in a SOC or equivalent detection & response function and passion for high‑fidelity detections, repeatable playbooks, and measurable outcomes.
- 3‑5 years in Security Operations, Detection & Response, or Incident Handling (SOC experience required).
- Hands‑on experience with SIEM (e.g., SecOps, Sentinel, QRadar), EDR (e.g., CrowdStrike, Defender, SentinelOne), and SOAR platforms.
- Proficient in authoring detections, rule tuning, enrichment pipelines, and alert routing.
- Demonstrated ability in building and executing IR playbooks and containment/eradication plans.
- Experience conducting post‑incident reviews and RCAs, and delivering corrective action plans to engineering teams.
- Scripting skills (Python/PowerShell/Bash) for automation, enrichment, and data wrangling.
- Excellent written communication for case documentation and executive‑ready incident summaries.
Skills And Abilities
- Turn noisy telemetry into actionable signals.
- Detail‑oriented and disciplined in organizing information; ship repeatable playbooks, maintain clean runbooks, and close feedback loops.
- Ready to mentor other analysts and set standards for communication and delivery for the SOC.
- Comfortable presenting complex technical information to the CISO or other executive leadership.
Competitive salary, commensurate with experience, and a generous benefits package that includes medical, dental, vision, life and disability insurance, paid vacation, and a 401(k) plan.
Working Conditions
Location:
Hybrid (This person can be based out of our Dallas/Frisco, TX or Conshohocken, PA Corporate Headquarters).
These are representative of the demands that must be met to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Equal Opportunity Statement
Legends Global is an Equal Opportunity/Affirmative Action employer, and encourages Women, Minorities, Individuals with Disabilities, and protected Veterans to apply. VEVRAA Federal Contractor.