U

Cybersecurity Analyst - Security Operations Center

ut md anderson • United State
Remote
Apply
AI Summary

Defend critical healthcare infrastructure by monitoring enterprise systems and responding to security incidents in a 24x7 SOC environment. Perform alert triage, containment actions, threat hunting, and AI-enabled investigations using SIEM and EDR platforms. Requires Bachelor's degree in computer science or related field with hands-on SOC experience and industry certifications.

Key Highlights
24x7 Security Operations Center monitoring and incident response
AI-enabled SOC operations using generative and agentic capabilities
Hands-on experience with SIEM platforms and EDR tools
Must be located in Texas for remote work
Key Responsibilities
Monitor network traffic and security alerts across SIEM, EDR, and firewall platforms
Review and analyze high volumes of alerts to distinguish benign activity from threats
Execute first-response containment actions such as disabling compromised accounts
Participate in threat hunting across endpoint, network, identity, and cloud environments
Utilize approved AI tools to enhance SOC processes and automate repetitive tasks
Technical Skills Required
SIEM platforms EDR tools Threat intelligence
Benefits & Perks
Employer-paid medical coverage starting day one
Paid time off and extended illness bank
Tuition assistance program after six months
Defined-benefit pension through Teachers Retirement System
Nice to Have
Master's degree in Information Security or Computer Science
Advanced cybersecurity certifications (GCIA, GCIH, GCFA)
Experience leading or serving as primary responder on security incidents

Job Description


The University of Texas MD Anderson Cancer Center is seeking a Cybersecurity Analyst to support its Cybersecurity department within the Security Operations Center (SOC), a critical function responsible for safeguarding enterprise systems, networks, and sensitive data against evolving cyber threats. The Cybersecurity Analyst plays a vital frontline role in 24x7 SOC operations, ensuring continuous monitoring, rapid detection, and timely response to security incidents.

The Cybersecurity Analyst at UT MD Anderson operates as a "digital first responder," performing alert triage, executing containment actions, and supporting incident escalation. UT MD Anderson is a leading institution focused on cancer care, research, education, and prevention, and the Cybersecurity Analyst contributes directly to protecting the organization's mission-critical infrastructure and patient data. The Cybersecurity Analyst collaborates across security, IT, and threat intelligence teams to strengthen detection capabilities and improve operational effectiveness.

The ideal candidate brings a Bachelor's degree in a related field, hands-on SOC experience, and relevant industry certifications such as GCIH, GCIA, GCFA, CySA+, or Security+. A Master's degree and advanced cybersecurity certifications are preferred, along with experience in SIEM platforms, incident response, and threat analysis in enterprise environments.

Minimum $42.31 - Midpoint $52.88 - Maximum $63.46

Work Location: 100% Remote within Texas

Why Us?

The Cybersecurity Analyst role at UT MD Anderson offers the opportunity to defend critical healthcare infrastructure while advancing technical expertise in a collaborative and mission-driven environment. Team members gain exposure to advanced security tools, AI-enabled SOC operations, and complex threat landscapes, all while supporting work-life balance through flexible remote work within Texas and strong organizational support for career development.

  • Employer-paid medical coverage starting day one for employees working 30+ hours/week, plus optional group dental, vision, life, AD&D, and disability insurance.
  • Accruals for PTO and Extended Illness Bank, plus paid holidays, wellness, childcare, and other leave options.
  • Tuition Assistance Program after six months of service and access to extensive wellness, fitness, and employee resource groups.
  • Defined-benefit pension through the Teachers Retirement System, voluntary retirement plans, and employer-paid life and reduced salary protection programs.

Responsibilities

SOC Monitoring & Alert Triage

  • Monitor network traffic and security alerts across SIEM, EDR, and firewall platforms
  • Review and analyze high volumes of alerts to distinguish benign activity from threats
  • Triage alerts using predefined playbooks and standard operating procedures
  • Perform real-time analysis of security telemetry to identify anomalies

Incident Response & Escalation

  • Execute first-response containment actions such as disabling compromised accounts
  • Isolate infected endpoints to prevent lateral movement
  • Create detailed incident tickets with supporting evidence and timelines
  • Escalate confirmed or high-risk incidents to Tier 2 and Tier 3 analysts

Threat Hunting & Analysis

  • Participate in threat hunting across endpoint, network, identity, and cloud environments
  • Apply threat intelligence and hypotheses to detect emerging threats
  • Analyze patterns and identify gaps in detection coverage
  • Support development of improved detection strategies

AI-Enabled SOC Operations

  • Utilize approved AI tools, including generative and agentic capabilities, to enhance SOC processes
  • Improve alert triage, investigations, and documentation using AI-enabled workflows
  • Develop and deploy AI agents integrated with security tools via Model Context Protocol (MCP)
  • Automate repetitive tasks to increase efficiency and response speed

Metrics, Reporting & Documentation

  • Contribute to SOC dashboards, metrics, and reporting on threat trends and activity
  • Maintain and update runbooks, documentation, and SOPs for consistent operations
  • Support continuous improvement initiatives in SOC processes
  • Perform additional duties as assigned

EDUCATION

  • Required: Bachelor's Degree Computer Information Systems, Business Information Systems, Computer Science or related field.
  • Preferred: Master's Degree Information Security, Computer Science or related field.

Work Experience

  • Required: 2 years In one or more information security domains, to include managing security technologies and/or programs and developing information security standards and procedures.
  • May substitute required education degree with additional years of equivalent experience on a one to one basis.
  • Preferred: At least 2-3 years of hands-on experience working in a Security Operations Center performing alert triage, investigation, and incident response, hands-on (querying, building/tuning detections, dashboards) in an enterprise SIEM, direct experience leading or serving as a primary responder on security incidents through the full lifecycle, relevant industry certification (e.g., GCIA, GCIH, GCFA, CySA+, Security+, or equivalent).
  • Required: Ability to work on an on-call rotation and/or shift coverage as required by 24x7 SOC operations.
  • Prefer candidates in Houston Texas or surrounding area.

LICENSES AND CERTIFICATIONS

  • Preferred: SANS or other applicable industry or systems certification.

The University of Texas MD Anderson Cancer Center offers excellent benefits, including medical, dental, paid time off, retirement, tuition benefits, educational opportunities, and individual and team recognition.

This position may be responsible for maintaining the security and integrity of critical infrastructure, as defined in Section 113.001(2) of the Texas Business and Commerce Code and therefore may require routine reviews and screening. The ability to satisfy and maintain all requirements necessary to ensure the continued security and integrity of such infrastructure is a condition of hire and continued employment.

It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state, or local laws unless such distinction is required by law.http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html

Additional Information

  • Requisition ID: 181692
  • Employment Status: Full-Time
  • Employee Status: Regular
  • Work Week: Days
  • Minimum Salary: US Dollar (USD) 88,000
  • Midpoint Salary: US Dollar (USD) 110,000
  • Maximum Salary : US Dollar (USD) 132,000
  • FLSA: exempt and not eligible for overtime pay
  • Fund Type: Hard
  • Work Location: Remote (within Texas only)
  • Pivotal Position: Yes
  • Referral Bonus Available?: Yes
  • Relocation Assistance Available?: Yes

Similar Jobs

Explore other opportunities that match your interests

Visa Sponsorship Relocation Remote
Job Type Contract
Experience Level Associate

Integrated Resources, Inc ( IR...

United State
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Not Applicable

ltvplus

United State

Senior IT Security Engineer

Cyber Security
•
40m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Not Applicable

great west, an old republic co...

United State

Subscribe our newsletter

New Things Will Always Update Regularly