SOC Analyst Resume Example
A detailed SOC analyst resume template highlighting threat monitoring, incident triage, and SIEM expertise designed to help security operations professionals land interviews in 2026.
Last Updated: 2026-03-10 | Reading Time: 8-10 minutes
Quick Stats
SOC Analyst Resume Example
Jordan Rivera
jordan.rivera@email.com | (512) 555-6034 | Austin, TX
linkedin.com/in/jordanrivera-soc
Professional Summary
SOC Analyst with 3 years of experience in 24/7 security operations, monitoring over 15,000 endpoints and triaging 200+ alerts daily. Reduced false positive rate by 40% through custom SIEM correlation rules and improved mean time to respond from 35 minutes to 12 minutes. CompTIA Security+ and CySA+ certified.
Experience
- •Monitor and triage 200+ daily security alerts across Splunk and Microsoft Sentinel, maintaining a 98.5% SLA compliance rate for Tier 1 escalations
- •Developed 35 custom SIEM correlation rules that reduced false positive alerts by 40%, saving the team approximately 15 hours per week
- •Investigated and documented 12 confirmed security incidents including ransomware, phishing, and insider threat cases, coordinating containment with engineering teams
- •Created runbooks for 8 common alert types that decreased onboarding time for new analysts from 4 weeks to 2 weeks
- •Performed real-time monitoring of network traffic and endpoint telemetry for 50+ client environments using CrowdStrike and QRadar
- •Triaged and escalated 150+ alerts daily with 95% accuracy, reducing mean time to detect from 28 minutes to 14 minutes
- •Analyzed phishing emails and malicious attachments using sandbox tools, identifying 3 zero-day malware variants forwarded to threat intelligence teams
Education
Technical Skills
SIEM Administration (Splunk, QRadar, Sentinel) • Threat Monitoring • Incident Triage • Log Analysis • Malware Analysis • Network Traffic Analysis • Phishing Investigation • EDR (CrowdStrike, Carbon Black) • SOAR Platforms • Packet Capture Analysis
Certifications
- CompTIA Security+
- CompTIA CySA+ (Cybersecurity Analyst)
- Splunk Core Certified Power User
Why This Resume Works:
- Quantified achievements with specific metrics
- Keywords match common job descriptions
- Clean, ATS-compatible formatting
- Strong action verbs throughout
How to Write a SOC Analyst Resume
Professional Summary
Emphasize alert volume handled daily, SLA metrics, and improvements you made to detection or response times. Include your SOC tier level and certifications.
Work Experience
Focus on volume of alerts triaged, false positive reduction, MTTD/MTTR improvements, and incidents investigated. Show progression from Tier 1 to Tier 2 responsibilities.
Skills Section
List specific SIEM platforms, EDR tools, and SOAR systems. SOC roles are very tool-specific, so naming exact products is critical for passing ATS screening.
Action Verbs for SOC Analysts
SOC Analyst Resume Keywords
These keywords appear most frequently in SOC Analyst job descriptions. Include relevant ones in your resume:
Technical Keywords
SIEMSOAREDRLog AnalysisThreat MonitoringAlert TriageMalware AnalysisNetwork Traffic AnalysisIncident ResponsePhishing AnalysisIndustry Keywords
SOC Tier 1/2/3MITRE ATT&CKCyber Kill ChainNISTSLA ComplianceMean Time to DetectMean Time to RespondTools & Technologies
SplunkMicrosoft SentinelIBM QRadarCrowdStrike FalconCarbon BlackPalo Alto Cortex XSOARVirusTotalAny.RunWiresharkTheHiveMISPCommon Mistakes to Avoid
Not specifying SOC tier level
Clearly indicate your tier (Tier 1, 2, or 3) so recruiters understand your responsibility level
Omitting alert volume and response metrics
Include daily alert volume, SLA compliance percentages, and MTTD/MTTR improvements
Listing only monitoring without showing analysis skills
Include examples of investigations you led, malware you analyzed, or correlation rules you built
Not mentioning shift work or 24/7 availability
SOC roles often require shift work. Mentioning it shows you understand operational realities
SOC Analyst Resume FAQs
What certifications are best for SOC analysts?
CompTIA Security+ for entry-level, CySA+ for intermediate, and Splunk certifications for SIEM-specific roles. GCIA and GCIH from SANS are also highly valued.
How do I transition from help desk to SOC analyst?
Get CompTIA Security+ certified, practice with free SIEM tools and threat hunting labs, and highlight any security-adjacent work from your help desk role like handling phishing reports.
What does a typical day look like for a SOC analyst?
Monitoring dashboards, triaging alerts, investigating suspicious activity, documenting incidents, tuning detection rules, and participating in shift handoffs. Describe these activities on your resume.
Should I include my alert triage accuracy rate?
Yes. Metrics like "95% triage accuracy" and "98.5% SLA compliance" demonstrate reliability and are highly valued by SOC managers.
How important is scripting for SOC analysts?
Increasingly important. Basic Python and PowerShell scripting for log parsing, automation, and SOAR playbook development will differentiate you from other candidates.
Ready to Optimize Your SOC Analyst Resume?
Our AI-powered resume analyzer will score your resume against ATS systems, find missing keywords for SOC Analyst roles, and give you specific improvement suggestions.
Related Resume Examples
Software Engineer Resume Example
Professional Software Engineer resume example with ATS-optimized template. Learn what recruiters look for and get hired faster at top tech companies.
Data Scientist Resume Example
Professional Data Scientist resume example with ATS-optimized template. Learn how to showcase your ML skills and statistical expertise.
Frontend Developer Resume Example
Professional Frontend Developer resume example with ATS-optimized template. Learn how to showcase your UI/UX development skills and land roles at top companies.
Last updated: 2026-03-10 | Written by JobJourney Career Experts