Job description

First Quality was founded in 1989 and, in nearly three decades, has grown to be a global privately held company with over 4,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, and Canada. First Quality is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (print and packaging materials), serving institutional and retail markets throughout the world. First Quality focuses on private label and branded product lines. Our core business philosophy is built on a proud culture driven by safety and quality, respect, humility, integrity, customer focus, and teamwork. With leading edge manufacturing technologies and processes and visionary leadership, First Quality is positioned to continue significant growth in the coming years. We are actively seeking an experienced SOC Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary Responsibilities: • Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. • Tuning & Optimization – Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. • Research & Development – Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization’s security posture. • Threat Hunting – Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. • Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. • Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. • Reporting – Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. • Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. Required Experience: • Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) • Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. • Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) • Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. • Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. • High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. • Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. • Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. • Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. • Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). • Bachelor’s degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. Preferred Experience: • Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. • Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. • Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. • Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform).

Requirements