Senior SOC Analyst

Why N-able

At N-able, we’re not just helping businesses be secure —we’re redefining what it means to be cyber resilient. Our end-to-end platform blends AI-powered capabilities and flexible tech stacks, so customers can manage, secure, and recover with confidence. But the real power behind it all? Our people. We’re a global crew of N-ablites, who love solving complex problems, sharing knowledge, and delivering solutions that actually make a difference. If you're into meaningful work, fast growth, and a team that’s got your back, you’ll be surrounded by people who believe in what they do—and in you. Join a team where you can make a difference!

The Senior SOC Analyst is an experienced cybersecurity professional responsible for handling complex and high-priority security inquiries, incidents, and service requests. Acting as a technical expert and mentor to Analysts, the Senior SOC Analyst plays a crucial role in ensuring swift and accurate resolutions, guiding technical topics, and serving as a critical escalation point.

Please note that this role is on-site, therefore working in the Morrisville Collaboration Hub 3+ times per week is required. The standard shift is 3pm-11pm EST, either Tuesday-Saturday or Sunday-Thursday.

What You'll Do

• Led DFIR (Digital Forensics & Incident Response) investigations, performing rapid triage, evidence preservation, root‑cause analysis, and incident containment across endpoint, identity, and cloud environments.
• Directed end‑to‑end incident response (IR) for high‑severity security events, including scoping impact, coordinating containment and eradication, and delivering clear technical and executive‑level incident reporting.
• Developed and tuned threat detections using SIEM/XDR telemetry (process, network, file, and identity signals), aligning detections to MITRE ATT&CK and reducing false positives while improving time‑to‑detect.
• Lead IH engagements from containment through eradication and recovery planning.
• Provide technical and procedural guidance to customers during active incidents.
• Conduct root-cause analysis and determine long-term remediation steps.
• Perform deep-dive analysis of attacker TTPs, persistence mechanisms, and lateral movement.
• Review forensic artifacts from endpoints, networks, and cloud environments.
• Correlate indicators of compromise to broader attack campaigns and threat actors.
• Act as a primary point of contact for customers during incident engagements.
• Deliver technical findings and recommendations to both technical and executive stakeholders.
• Provide remediation roadmaps tailored to customer environments.
• Partner with operational MDR team analysts to transition containment into IH workflows.
• Collaborate with operational MDR Teams for intelligence gathering and validation.
• Contribute to IH playbook development and improvement.
• Provide mentorship and peer review for junior analysts.
• Share lessons learned with SOC leadership to improve service delivery.

What You'll Bring

• 4–6 years of experience in SOC, Managed Detection Response, or equivalent cybersecurity role.
• Proven experience handling escalations and complex investigations.
• Bachelor’s degree in Cybersecurity, IT, or related field (or equivalent experience).
• Advanced knowledge of SOC operations, incident support, and analysis techniques.
• Ability to mentor and support less experienced analysts.
• Excellent communication skills for both technical and non-technical audiences.
• High proficiency with SIEM, IDS/IPS, EDR, and related tools.
• Analytical and detail-oriented with a passion for solving problems.
• Strong mentor and team player.
• Calm and dependable under high-pressure situations.
• Ethical, professional, and dedicated to customer security.
• Ability to work on a 24/7 shifting model. The standard shift is 3pm-11pm EST, either Tuesday-Saturday or Sunday-Thursday.

Purple Perks

• Fully covered medical, dental and vision – for employee and eligible dependents!
• Generous PTO and observed holidays
• 2 Paid VoluNteer Days per year
• Paid Parental Leave
• 401(k) with company-match and Flexible Spending Accounts
• Employee Stock Purchase Program
• On-site gym access at select Collaboration Hubs
• Wellness rewards
• FuN-raising opportunities as part of our giving program 
• N-ablite Learning – custom learning experience as part of our investment in you 
• The Way We Work – our hybrid working model based on trust and flexibility 

About N-able

At N-able, our mission is to protect businesses against evolving cyberthreats with an end-to-end cyber resilience platform to manage, secure, and recover. Our scalable technology infrastructure includes AI-powered capabilities, market-leading third-party integrations, and the flexibility to employ technologies of choice—to transform workflows and deliver critical security outcomes. Our partner-first approach combines our products with experts, training, and peer-led events that empower our customers to be secure, resilient, and successful.