Monitor and triage security alerts and events across enterprise systems, endpoints, cloud platforms, and networks
Investigate suspicious activity, indicators of compromise, phishing attempts, malware detections, and unauthorized access attempts
Escalate validated security incidents to senior analysts or engineering teams as appropriate
Support containment, remediation, and recovery activities during cybersecurity incidents
Assist with root cause analysis and incident documentation
Security Operations & Tool Administration
Support administration and monitoring of cybersecurity platforms including:
Microsoft GCC High
Crowdstrike and other EDR/XDRs
PIM/PAM Tools
Various SIEMs
Azure Sentinel
Monitor endpoint detection and response (EDR/XDR) alerts and telemetry
Assist with tuning alerting rules and reducing false positives
Support vulnerability management and remediation tracking activities
Help maintain endpoint, identity, and cloud security configurations
Threat Detection & Analysis
Review logs and security telemetry from SIEM, endpoint, network, and cloud security platforms
Identify anomalous or malicious behavior patterns
Assist with development and improvement of detection rules, playbooks, and response procedures
Participate in threat hunting and proactive security monitoring initiatives
Compliance & Documentation
Support cybersecurity compliance initiatives including CMMC, NIST 800-171, and DFARS requirements
Maintain accurate incident records, investigation notes, and operational documentation
Assist with audit preparation, evidence collection, and remediation tracking
Follow established security procedures and escalation processes
Security Awareness & Collaboration
Collaborate with IT, Engineering, and business teams to improve organizational security posture
Assist with phishing response and user security awareness efforts
Contribute to continuous improvement of SOC processes and operational maturity
Minimum Requirements:
3-5+ years of experience in cybersecurity, IT support, systems administration, or SOC operations
Foundational understanding of cybersecurity concepts including networking, endpoint security, identity management, and incident response
Familiarity with security monitoring and alert triage processes
Experience working with Managed Security Service Providers (MSSPs)
Experience or exposure to enterprise security platforms such as:
Microsoft GCC High
Crowdstrike and other EDR/XDRs
App Allow/Block-listing tools
PIM/PAM Tools
Various SIEMs
Azure Sentinel
Strong understanding of Windows, Linux, macOS, and cloud-based environments
Basic understanding of SIEM, EDR/XDR, phishing analysis, and log analysis
Strong analytical, troubleshooting, and problem-solving skills
Excellent written and verbal communication skills
Ability to prioritize and manage multiple tasks in a fast-paced environment
Must be a U.S. Citizen eligible for government facilities and sensitive information
Ability to obtain additional security clearances as required by contract
Preferred Requirements:
Active Security Clearance
Experience supporting defense, aerospace, government contracting, or regulated technology environments
Familiarity with Microsoft GCC High environments
Familiarity with using AI and LLM tools within the SOC
Familiarity with
Benefits
Equity / stock options
Additional Information
CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage-domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats.
CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit www.chaosinc.com .
Role Overview:
We are seeking a SOC Analyst II to join our growing Security Operations team and help defend the organization against evolving cyber threats. This role will support day-to-day monitoring, triage, investigation, and response activities across enterprise systems, endpoints, cloud infrastructure, and collaboration environments.
The ideal candidate is a mid-career cybersecurity professional with a strong technical foundation, curiosity for threat analysis, and a desire to grow within a mission-focused defense technology environment. This individual will work closely with senior security engineers, IT, and infrastructure teams to identify suspicious activity, investigate alerts, and support the protection of sensitive company and government-related data.
This position is ideal for someone who thrives in a fast-paced startup environment and is passionate about operational cybersecurity.
Chaosindustries · San Francisco, CA