Cybersecurity SOC Analyst II
CHAOS Industries · Los Angeles, CA
📍 El Segundo, California, United States · 💰 $110,000 - $160,000 · via Greenhouse · Posted 2026-06-17
CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage—domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats.
CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit www.chaosinc.com.
Role Overview:
We are seeking a SOC Analyst II to join our growing Security Operations team and help defend the organization against evolving cyber threats. This role will support day-to-day monitoring, triage, investigation, and response activities across enterprise systems, endpoints, cloud infrastructure, and collaboration environments.
The ideal candidate is a mid-career cybersecurity professional with a strong technical foundation, curiosity for threat analysis, and a desire to grow within a mission-focused defense technology environment. This individual will work closely with senior security engineers, IT, and infrastructure teams to identify suspicious activity, investigate alerts, and support the protection of sensitive company and government-related data.
This position is ideal for someone who thrives in a fast-paced startup environment and is passionate about operational cybersecurity.
Responsibilities:
Security Monitoring & Incident Response
Monitor and triage security alerts and events across enterprise systems, endpoints, cloud platforms, and networks
Investigate suspicious activity, indicators of compromise, phishing attempts, malware detections, and unauthorized access attempts
Escalate validated security incidents to senior analysts or engineering teams as appropriate
Support containment, remediation, and recovery activities during cybersecurity incidents
Assist with root cause analysis and incident documentation
Security Operations & Tool Administration
Support administration and monitoring of cybersecurity platforms including:
Microsoft GCC High
CrowdStrike and other EDR/XDRs
PIM/PAM Tools
Various SIEMs
Azure Sentinel
Monitor endpoint detection and response (EDR/XDR) alerts and telemetry
Assist with tuning alerting rules and reducing false positives
Support vulnerability management and remediation tracking activities
Help maintain endpoint, identity, and cloud security configurations
Threat Detection & Analysis
Review logs and security telemetry from SIEM, endpoint, network, and cloud security platforms
Identify anomalous or malicious behavior patterns
Assist with development and improvement of detection rules, playbooks, and response procedures
Participate in threat hunting and proactive security monitoring initiatives
Compliance & Documentation
Support cybersecurity compliance initiatives including CMMC, NIST 800-171, and DFARS requirements
Maintain accurate incident records, investigation notes, and operational documentation
Assist with audit preparation, evidence collection, and remediation tracking
Follow established security procedures and escalation processes
Security Awareness & Collaboration
Collaborate with IT, Engineering, and business teams to improve organizational security posture
Assist with phishing response and user security awareness efforts
Contribute to continuous improvement of SOC processes and operational maturity
Minimum Requirements:
3–5+ years of experience in cybersecurity, IT support, systems administration, or SOC operations
Foundational understanding of cybersecurity concepts including networking, endpoint security, identity management, and incident response
Familiarity with security monitoring and alert triage processes
Experience working with Managed Security Service Providers (MSSPs)
Experience or exposure to enterprise security platforms such as:
Microsoft GCC High
CrowdStrike and other EDR/XDRs
App Allow/Block-listing tools
PIM/PAM Tools
Various SIEMs
Azure Sentinel
Strong understanding of Windows, Linux, macOS, and cloud-based environments
Basic understanding of SIEM, EDR/XDR, phishing analysis, and log analysis
Strong analytical, troubleshooting, and problem-solving skills
Excellent written and verbal communication skills
Ability to prioritize and manage multiple tasks in a fast-paced environment
Must be a U.S. Citizen eligible for government facilities and sensitive information
Ability to obtain additional security clearances as required by contract
Preferred Requirements:
Active Security Clearance
Experience supporting defense, aerospace, government contracting, or regulated technology environments
Familiarity with Microsoft GCC High environments
Familiarity with using AI and LLM tools within the SOC
Familiarity with monitoring AI and LLM tools
Exposure to compliance frameworks such as NIST 800-171, CMMC, CIS Controls, or ISO 27001
Experience with scripting or automation using PowerShell, Python, or Bash
Familiarity with digital forensic process and chain of custody
Knowledge of MITRE ATT&CK framework and common threat actor techniques
Security certifications such as Security+, CySA+, SC-900, Network+, or equivalent
Experience working in a 24/7 or operational security environment preferred
Why CHAOS?
Health Benefits: Medical, dental, and vision benefits 100% paid for by the company
Additional benefits: 401k (+ 50% company match up to 6% of pay), FSA, HSA, life insurance, and more
Our P