Cybersecurity SOC Analyst II

• CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage—domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators
• border protection teams to act faster, adapt rapidly
• stay ahead of evolving threats.
• CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel
• Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle
• London. For more information, please visit www.chaosinc.com .
• Role Overview:
• We are seeking a SOC Analyst II to join our growing Security Operations team and help defend the organization against evolving cyber threats. This role will support day-to-day monitoring, triage, investigation
• response activities across enterprise systems, endpoints, cloud infrastructure
• collaboration environments.
• The ideal candidate is a mid-career cybersecurity professional with a strong technical foundation, curiosity for threat analysis
• a desire to grow within a mission-focused defense technology environment. This individual will work closely with senior security engineers, IT
• infrastructure teams to identify suspicious activity, investigate alerts
• support the protection of sensitive company and government-related data.
• This position is ideal for someone who thrives in a fast-paced startup environment and is passionate about operational cybersecurity

Responsibilities

• Security Monitoring & Incident Response
• Monitor and triage security alerts and events across enterprise systems, endpoints, cloud platforms, and networks
• Investigate suspicious activity, indicators of compromise, phishing attempts, malware detections, and unauthorized access attempts
• Escalate validated security incidents to senior analysts or engineering teams as appropriate
• Support containment, remediation, and recovery activities during cybersecurity incidents
• Assist with root cause analysis and incident documentation
• Security Operations & Tool Administration
• Support administration and monitoring of cybersecurity platforms including:
• Microsoft GCC High
• Crowdstrike and other EDR/XDRs
• PIM/PAM Tools
• Various SIEMs
• Azure Sentinel
• Monitor endpoint detection and response (EDR/XDR) alerts and telemetry
• Assist with tuning alerting rules and reducing false positives
• Support vulnerability management and remediation tracking activities
• Help maintain endpoint, identity, and cloud security configurations
• Threat Detection & Analysis
• Review logs and security telemetry from SIEM, endpoint, network, and cloud security platforms
• Identify anomalous or malicious behavior patterns
• Assist with development and improvement of detection rules, playbooks, and response procedures
• Participate in threat hunting and proactive security monitoring initiatives
• Compliance & Documentation
• Support cybersecurity compliance initiatives including CMMC, NIST 800-171, and DFARS requirements
• Maintain accurate incident records, investigation notes, and operational documentation
• Assist with audit preparation, evidence collection, and remediation tracking
• Follow established security procedures and escalation processes
• Security Awareness & Collaboration
• Collaborate with IT, Engineering, and business teams to improve organizational security posture
• Assist with phishing response and user security awareness efforts
• Contribute to continuous improvement of SOC processes and operational maturity
• Minimum Requirements:
• 3–5+ years of experience in cybersecurity, IT support, systems administration, or SOC operations
• Foundational understanding of cybersecurity concepts including networking, endpoint security, identity management, and incident response
• Familiarity with security monitoring and alert triage processes
• Experience working with Managed Security Service Providers (MSSPs)
• Experience or exposure to enterprise security platforms such as:
• Microsoft GCC High
• Crowdstrike and other EDR/XDRs
• App Allow/Block-listing tools
• PIM/PAM Tools
• Various SIEMs
• Azure Sentinel
• Strong understanding of Windows, Linux, macOS, and cloud-based environments
• Basic understanding of SIEM, EDR/XDR, phishing analysis, and log analysis
• Strong analytical, troubleshooting, and problem-solving skills
• Excellent written and verbal communication skills
• Ability to prioritize and manage multiple tasks in a fast-paced environment
• Must be a U.S. Citizen eligible for government facilities and sensitive information
• Ability to obtain additional security clearances as required by contract
• Preferred Requirements:
• Active Security Clearance
• Experience supporting defense, aerospace, government contracting, or regulated technology environments
• Familiarity with Microsoft GCC High environments
• Familiarity with using AI and LLM tools within the SOC
• Familiarity with monitoring AI and LLM tools
• Exposure to compliance frameworks such as NIST 800-171, CMMC, CIS Controls, or ISO 27001
• Experience with scripting or automation using PowerShell, Python, or Bash
• Familiarity with digital forensic process and chain of custody
• Knowledge of MITRE ATT&CK framework and common threat actor techniques
• Security certifications such as Security+, CySA+, SC-900, Network+, or equivalent
• Experience working in a 24/7 or operational security environment preferred
• Why CHAOS?
• Health Benefits: Medical, dental, and vision benefits 100% paid for by the company
• Additional benefits : 401k (+ 50% company match up to 6% of pay), FSA, HSA, life insurance, and more
• Our Perks: Free daily lunch, ‘No meeting Fridays’, unlimited PTO, casual dress code
• Compensation Components: Competitive base salaries, generous pre-IPO stock option grants, relocation assistance, and (coming soon!) annual bonuses
• Team Growth: 250 employees and counting across 5 global offices
• The stated compensation range reflects only the targeted base compensation range and excludes additional earnings such as bonus, equity
• benefits. If your compensation requirements fall outside of the range, we still encourage you to apply. The salary range for this role is an estimate based on a range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations.
• Recruiting Agencies: CHAOS Industries does not accept unsolicited resumes or outreach. Unsolicited submissions will not be reviewed or compensated.
• #LI-onsite