Security Operations Center Analyst

IonQ, Inc. is the world's leading quantum company delivering solutions to solve complex problems. They are seeking a Security Operations Center Analyst to monitor, analyze, and respond to security events, while also contributing to the development of security processes and tooling.

Responsibilities

• Monitor SIEM, EDR, IDS/IPS, cloud security, and email security alerts for potential threats or abnormal activity
• Triage, validate, and investigate security alerts; identify false positives; escalate or resolve incidents as appropriate
• Perform in-depth analysis of suspicious activity and correlate logs across multiple systems to determine root cause, scope, and impact
• Execute containment and remediation actions such as host isolation, account lockdown, IOC blocking, vulnerability mitigation, and post-recovery validation
• Conduct proactive threat hunting based on threat intelligence, behavioral patterns, or hypothesis-driven analysis
• Support forensic data collection and examination (endpoint artifacts, system logs, cloud audit logs, etc.)
• Analyze suspicious files, scripts, URLs, and domains using sandboxing, tooling, and threat intelligence sources
• Recommend and contribute to improvements in SIEM rules, detections, automation workflows, and security playbooks
• Participate in incident response activities, including documentation, communication with stakeholders, and post-incident reviews
• Monitor and maintain the health and accuracy of security tooling, connectors, and log ingestion pipelines
• Help improve security processes, policies, and standards as part of a growing team
• Maintain clear, organized case notes and produce reports when needed
• Opportunity to help shape a growing SOC and influence detection engineering, automation, and incident response processes

Skills

• 1–3+ years of experience in a SOC, incident response, or security operations environment
• Hands-on experience with SIEM, EDR, and cloud security tools (e.g., Microsoft Sentinel, Defender XDR, Splunk, CrowdStrike, etc.)
• Strong understanding of Windows, Linux, and/or macOS internals; identity security; authentication flows; and network fundamentals (TCP/IP, DNS, HTTP)
• Familiarity with threat landscape, threat intelligence workflows, and MITRE ATT&CK
• Ability to write basic queries or scripts (KQL, SPL, PowerShell, Python, etc.)
• Analytical thinker with strong troubleshooting skills and a structured approach to incident handling
• Clear communication skills and the ability to document technical findings concisely and accurately
• A commitment to doing work the right way — following sound processes, documenting thoroughly, and maintaining a high standard for quality and security operations
• A genuine desire to learn, grow, and continuously improve as the environment, tools, and challenges evolve
• Experience with the Microsoft security stack (Sentinel, Defender for Endpoint/XDR, Entra ID Protection)
• Experience with threat hunting, detection tuning, or security automation
• Certifications such as Security+, CySA+, SC-200, AZ-500, GCIH/GCED/GCIA, or equivalent
• Experience working in fast-paced, high-growth tech environments

Benefits

• Comprehensive medical, dental, and vision plans
• Matching 401K
• Unlimited PTO and paid holidays
• Parental/adoption leave
• Legal insurance
• Home technology stipend

Company Overview