Sr Principal Information Security Analyst - SOC

Full Time
Herndon, VA
Areas of Interest: All Source Intelligence, Incident Response, Investigation
report a problem

About Us:

Symantec Corporation (NASDAQ: SYMC) is the global leader in cyber security. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives.


We make the world a safer place by helping people, businesses and governments protect and manage their information, so they can focus on achieving their goals.



In the Global Security Office, you will have the opportunity to work for the protection of Symantec’s information technology, brand, intellectually property, and customer data from misuse or compromise. Security controls have never been more important and as the leader in security solutions, we are targeted relentlessly and aggressively on many fronts and must defend ourselves accordingly. The Global Security Office is responsible for all aspects of security at Symantec and, as such, is made up of a diverse, multi-disciplinary and highly talented group of individuals who strive everyday to protect what is most critical to Symantec.



The Global Security Office is currently seeking candidates for an experienced SOC Analyst. This is an exciting opportunity to be part of a key team of cyber security professionals here at Symantec, supporting full life cycle cyber security operations.


We are seeking an individual that can bring in-depth security analysis and handling expertise to support daily operations and help grow and mature our current SOC environment. As a SOC Analyst you will directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.


Additionally, the SOC Analyst will help develop and enhance detection and response capabilities including creation of robust SIEM content, IDS rules, SOP documentation, and implementation of incident response methodologies.



  • Monitor, triage, and prioritize events, alerts and tips for further investigation
  • Investigate events, alerts and tips to determine if an incident has occurred
  • Investigate network traffic for potential security incidents
  • Conduct in- depth, thorough analysis of network traffic and host activity across a wide array of technologies and platforms
  • Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
  • Assist and mentor less experienced analyst staff regarding analysis, investigations, and incident response
  • Evaluate existing technical capabilities and systems and identify opportunities for improvement
  • Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment
  • Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
  • Conduct “after action” reviews to identify lessons learned and best practices
  • Foster innovation, creativity, collaboration, and professional growth of the SOC team
  • Maintain strong standards, and promote productivity, accountability and high morale
  • Influence and improve upon existing processes through innovation and operational change
  • Ensure the SOC analyst team is providing excellent customer service and support


  • 7+ years of SOC or MSSP experience with at least 3 year in an in-depth technical role
  • 4+ years of SIEM experience – with knowledge of content creation (rules, alerts, etc.)
  • Strong analytical and investigation skills
  • Experience with Splunk – preferably proficient with Splunk’s Search Processing Language (SPL), developing correlation rules, dashboards, and custom searches
  • Experience with automated incident response tools (PSTools, Sysmon, etc.)
  • Experience with packet capture and analysis (tcpdump/windump, Wireshark, etc.)
  • Experience with host and network forensics
  • Strong understanding of security architectures and devices
  • Strong understanding of threat intelligence consumption and management
  • Strong understanding of root causes of malware infections and proactive mitigation
  • Strong understanding of lateral movement, footholds, and data exfiltration techniques
  • Ability to mentor and coach less experienced security analysts. Providing techniques and strategies to dig deeper into investigations
  • Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
  • Track record of creative problem solving, and the desire to create and build new processes
  • Strong time management and multitasking skills as well as attention to detail
  • Experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
  • Comfortable with impromptu tasking and loosely defined requirements
  • Excellent oral and written communications skills
  • Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.)
About Us

Relentlessly protect the world’s information. Make a difference at Symantec. Across the globe, we are an ‘essential’ partner to both consumers and businesses of all sizes. We combine our talents, our brains, and our creative energy to reinforce our place as a world-class technical community.

Our most critical asset at Symantec is the talent we hire - you! We look for people who have a desire to excel and reflect our values: Innovation, Action, Customer-Driven, and Trust. We recognize that every opening in our company is a chance to increase Symantec's competitive advantage, and we are willing to invest in you in order to win.

Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.

Symantec will respond to requests for reasonable accommodations to assist you in applying for positions at Symantec, or to submit a resume. If you need to request an accommodation, please contact our HR Helpdesk at 1-800-497-2580 or by email at

EEO is the Law. Applicants and employees of Symantec Corporation are protected under Federal law from discrimination.Click here to find out more.

Share this job:


Do it simply, safely, and quickly. Do it all. Wonder, Explore, Transform, Connect, Innovate, Prosper
Symantec Corporation (NASDAQ: SYMC) is the global leader in cybersecurity. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives. Headquartered in Mountain View, Calif., Symantec has operations in 39 countries and employees 11,000 world wide.

Encryption, Antivirus and Malware protection, eDiscovery, Identity Protection and Authentication, Information Protection, Cyber Security Services, Threat Protection
Visit Symantec's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 10,001+