Updated for 2026

SOC Analyst Resume Example

A proven resume structure for SOC analyst roles that highlights threat detection, incident response, and SIEM expertise with measurable security outcomes.


Priya Vasquez

Dallas, TX  |  [email protected]  |  (555) 284-7139  |  linkedin.com/in/priyavasquez
Summary

SOC analyst with 3 years of experience monitoring and responding to security events across enterprise environments supporting 12,000+ endpoints. Triaged over 9,500 alerts using Splunk and CrowdStrike, reducing mean time to detect from 45 minutes to 12 minutes while maintaining a 99.3% true-positive escalation rate.

Technical Skills
Threat Detection: SIEM management, log analysis, intrusion detection, malware triage, phishing investigation, threat hunting
Tools & Platforms: Splunk, CrowdStrike Falcon, Palo Alto Cortex XSOAR, Wireshark, VirusTotal
Compliance & Frameworks: MITRE ATT&CK, NIST CSF, ISO 27001, SOC 2, incident response playbooks, chain-of-custody documentation
Experience
SOC Analyst - Sentinel Cybersecurity Group
  • Monitor 12,000+ endpoints across 3 business units using Splunk and CrowdStrike, triaging an average of 180 alerts daily with a 99.3% true-positive escalation rate
  • Reduced mean time to detect threats from 45 minutes to 12 minutes by building 28 custom correlation rules in Splunk that flagged lateral movement and credential abuse patterns
  • Led incident response for 14 confirmed security incidents, containing 100% within SLA and preventing an estimated $2.1M in potential data breach costs
  • Developed 6 automated playbooks in Cortex XSOAR that resolved 62% of Tier 1 phishing alerts without human intervention, freeing 15 analyst hours per week
Junior Security Analyst - Greystone Financial Services
  • Analyzed 4,200+ security events monthly using Splunk and Wireshark, escalating 340 validated incidents to Tier 2 with 97% accuracy
  • Investigated 85 phishing campaigns targeting 6,000 employees, identifying and blocking 12 credential harvesting domains within 30 minutes of detection
  • Created a weekly threat intelligence digest distributed to 25 stakeholders, covering 150+ IOCs and improving proactive blocking by 34%
  • Documented 22 incident response runbooks mapped to the MITRE ATT&CK framework, reducing average onboarding time for new analysts from 6 weeks to 3 weeks
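The correlation rules in the first role above (flagging lateral movement and credential abuse) are the kind of detection logic a SOC analyst would be asked to explain in an interview. The block below is an added illustration, not code from this résumé or any real SIEM; it re-implements two such rules in plain Python over a constructed set of Windows-style logon events (event ID 4625 = failed logon, 4624 = successful logon, logon type 3 = network). The field names, thresholds and sample values are assumptions chosen to make the patterns visible, and in Splunk the same logic would be written as scheduled SPL searches.

```python
"""Two toy SIEM-style correlation rules run over constructed sample logon events.
Added illustration for this page; not code from the résumé or from any SIEM product."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (values invented). Fields mirror what a SIEM parses
# from Windows Security logs: 4625 = failed logon, 4624 = successful logon,
# logon_type 3 = network logon, logon_type 2 = interactive (console) logon.
SAMPLE_EVENTS = [
    # Password spraying from 10.0.0.55: five failures against five accounts, then a hit.
    {"ts": "2026-01-10T09:00:01", "event_id": 4625, "user": "jdoe",   "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    {"ts": "2026-01-10T09:00:04", "event_id": 4625, "user": "asmith", "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    {"ts": "2026-01-10T09:00:07", "event_id": 4625, "user": "bkhan",  "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    {"ts": "2026-01-10T09:00:10", "event_id": 4625, "user": "cwu",    "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    {"ts": "2026-01-10T09:00:13", "event_id": 4625, "user": "dlee",   "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    {"ts": "2026-01-10T09:02:30", "event_id": 4624, "user": "dlee",   "src_ip": "10.0.0.55", "host": "DC01", "logon_type": 3},
    # Lateral movement: the compromised account then fans out to five more servers in ten minutes.
    {"ts": "2026-01-10T09:05:00", "event_id": 4624, "user": "dlee", "src_ip": "10.0.0.55", "host": "FS01",  "logon_type": 3},
    {"ts": "2026-01-10T09:06:10", "event_id": 4624, "user": "dlee", "src_ip": "10.0.0.55", "host": "FS02",  "logon_type": 3},
    {"ts": "2026-01-10T09:07:45", "event_id": 4624, "user": "dlee", "src_ip": "10.0.0.55", "host": "APP01", "logon_type": 3},
    {"ts": "2026-01-10T09:09:20", "event_id": 4624, "user": "dlee", "src_ip": "10.0.0.55", "host": "SQL01", "logon_type": 3},
    {"ts": "2026-01-10T09:11:05", "event_id": 4624, "user": "dlee", "src_ip": "10.0.0.55", "host": "WEB01", "logon_type": 3},
    # Benign noise: one user mistypes a password twice on their own workstation, then succeeds.
    {"ts": "2026-01-10T09:30:00", "event_id": 4625, "user": "priya", "src_ip": "10.0.1.20", "host": "WS-PRIYA", "logon_type": 2},
    {"ts": "2026-01-10T09:30:08", "event_id": 4625, "user": "priya", "src_ip": "10.0.1.20", "host": "WS-PRIYA", "logon_type": 2},
    {"ts": "2026-01-10T09:30:15", "event_id": 4624, "user": "priya", "src_ip": "10.0.1.20", "host": "WS-PRIYA", "logon_type": 2},
]


def _t(event):
    """Parse the ISO-8601 timestamp of an event into a datetime."""
    return datetime.fromisoformat(event["ts"])


def detect_credential_abuse(events, window=timedelta(minutes=10), fail_threshold=5):
    """Flag a source IP that accumulates >= fail_threshold failed logons against at least
    two distinct accounts within `window`, followed by a successful logon from the same IP.
    Requiring multiple accounts separates a spray from one user mistyping a password."""
    alerts = []
    by_ip = defaultdict(list)
    for e in sorted(events, key=_t):
        by_ip[e["src_ip"]].append(e)
    for ip, evs in by_ip.items():
        for i, e in enumerate(evs):
            if e["event_id"] != 4624:
                continue
            start = _t(e) - window
            prior_fails = [p for p in evs[:i] if p["event_id"] == 4625 and _t(p) >= start]
            targeted = {p["user"] for p in prior_fails}
            if len(prior_fails) >= fail_threshold and len(targeted) >= 2:
                alerts.append({"rule": "credential_abuse", "src_ip": ip, "user": e["user"],
                               "failed_attempts": len(prior_fails),
                               "targeted_accounts": len(targeted), "ts": e["ts"]})
                break  # one alert per source IP, not one per later success
    return alerts


def detect_lateral_movement(events, window=timedelta(minutes=15), host_threshold=4):
    """Flag an account with successful network logons (4624, logon type 3) to
    >= host_threshold distinct hosts inside `window`. Interactive logons are ignored
    because a user sitting at one workstation is not moving laterally."""
    alerts = []
    by_user = defaultdict(list)
    for e in sorted(events, key=_t):
        if e["event_id"] == 4624 and e["logon_type"] == 3:
            by_user[e["user"]].append(e)
    for user, evs in by_user.items():
        for i, e in enumerate(evs):
            end = _t(e) + window
            hosts = {x["host"] for x in evs[i:] if _t(x) <= end}
            if len(hosts) >= host_threshold:
                alerts.append({"rule": "lateral_movement", "user": user,
                               "hosts": sorted(hosts), "first_seen": e["ts"]})
                break  # report the first window that crosses the threshold
    return alerts


def run_rules(events):
    """Run both correlation rules and return the combined alert list."""
    return detect_credential_abuse(events) + detect_lateral_movement(events)


if __name__ == "__main__":
    for alert in run_rules(SAMPLE_EVENTS):
        print(alert)
```

On the sample data the spray rule fires once for 10.0.0.55 (five failures across five accounts, then a success as dlee) and the lateral-movement rule fires once for dlee (six hosts inside the window), while the two mistyped passwords on WS-PRIYA produce nothing. Thresholds and windows are the tuning knobs behind the true-positive rate quoted in the résumé: raising them cuts noise at the cost of slower detection.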
Education
B.S. in Cybersecurity - University of Texas at Dallas

Why This Resume Works

1
Alert Volume and Accuracy Metrics Prove Capability

Specifying 180 daily alerts with a 99.3% true-positive rate demonstrates both the scale of monitoring responsibility and the precision of triage decisions, which are the core metrics SOC managers evaluate.

2
MTTD Reduction Shows Tangible Impact

Quantifying the mean time to detect improvement from 45 to 12 minutes provides a concrete before-and-after metric that directly ties to organizational risk reduction.

3
Automation Demonstrates Growth Beyond Tier 1

Building SOAR playbooks that closed 62% of Tier 1 phishing alerts without an analyst touching them signals readiness for senior roles and shows initiative beyond basic monitoring responsibilities.

Section-by-Section Breakdown

Summary

Lead with endpoint count and alert volume to establish scope. Include MTTD (mean time to detect) or MTTR (mean time to respond) figures and name your primary SIEM platform so the summary matches job description keywords immediately.

Skills

Organize into Threat Detection, Tools, and Compliance categories. Name specific SIEM platforms and frameworks, since applicant tracking systems match on exact tool names like Splunk and CrowdStrike rather than on generic phrases such as "security monitoring tools".

Experience

Quantify alert volumes, detection times, incident counts, and cost avoidance. SOC hiring managers compare candidates on speed and accuracy metrics, so make these prominent.

Education

Include security certifications like CompTIA Security+, CySA+, or GIAC prominently. In SOC hiring, certifications often carry equal weight to degree credentials.

Key Skills for SOC Analyst Resumes

Based on analysis of thousands of job postings, these are the most frequently required skills:

SIEM Management, Threat Detection, Incident Response, Log Analysis, Malware Triage, Phishing Investigation, Threat Hunting, Splunk, CrowdStrike Falcon, Cortex XSOAR, Wireshark, MITRE ATT&CK, NIST CSF, ISO 27001, Intrusion Detection, Security Automation

Common Mistakes on SOC Analyst Resumes

  • No Alert Volume or Accuracy Metrics - Saying you monitored security events without mentioning daily alert counts, true-positive rates, or endpoint coverage gives no sense of your operational scale or effectiveness.
  • Missing SIEM Platform Names - Generic references to monitoring tools instead of naming Splunk, IBM QRadar, or Microsoft Sentinel means ATS filters cannot match you to jobs requiring specific platform experience.
  • Omitting Detection Time Improvements - MTTD (mean time to detect) and MTTR (mean time to respond) are the performance metrics SOC teams are most often measured on. Leaving them out removes your strongest evidence of impact on the security posture.
  • No Framework References - Failing to mention MITRE ATT&CK, NIST CSF, or ISO 27001 misses critical keyword matches since most SOC job descriptions require familiarity with at least one framework.
  • Listing Only Monitoring Without Response - A resume focused entirely on watching dashboards without incident response or automation work signals a passive approach that will not stand out for mid-level or senior SOC roles.
