Back to all positions
Security • REF: TH-SEC-002

Security Operations Center Analyst

Denver, COOn-siteFull-time
Apply for this position
Location
Denver, CO
Work Mode
On-site
Department
Security
Employment Type
Full-time
Reference ID
TH-SEC-002
Date Posted
February 25, 2026

About This Role

Tile Health’s Security Operations Center is the front line of defense for the patient data entrusted to us by health system partners. The SOC Analyst will monitor security alerts from SIEM, EDR, and cloud security tools, investigate potential incidents, and execute response procedures to contain and remediate threats. This role operates in a fast-paced environment where attention to detail and sound judgment directly protect patient privacy.

What You'll Do

  • Monitor and triage security alerts from SIEM (Splunk or Sentinel), EDR (CrowdStrike or SentinelOne), and cloud-native security tools
  • Investigate potential security incidents, conducting log analysis and timeline reconstruction to determine scope and impact
  • Execute incident response procedures according to established playbooks, escalating to senior security staff when appropriate
  • Maintain and tune SIEM detection rules and alerting thresholds to reduce false positives while ensuring coverage of critical attack vectors
  • Document incident investigations, findings, and lessons learned in the security case management system

What We're Looking For

  • 2+ years of experience in security operations, SOC analysis, or cybersecurity monitoring
  • Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel, or Elastic Security)
  • Understanding of common attack techniques, MITRE ATT&CK framework, and security incident response procedures
  • Knowledge of network protocols, endpoint security concepts, and cloud security fundamentals (AWS preferred)
  • Strong analytical and problem-solving skills with the ability to investigate ambiguous security events under time pressure
  • Ability to work flexible hours or participate in an on-call rotation to ensure 24/7 security coverage

Nice to Have

  • Security+ or CySA+ certification
  • Experience monitoring healthcare environments or HIPAA-regulated infrastructure
  • Familiarity with SOAR platforms for automated incident response
  • Background in scripting (Python, PowerShell) for security automation and log parsing
Apply for this position
Security Operations Center Analyst - Tile Health Careers | Tile Health