Security Operations Center Apprentice

Description

Job Summary: The competency-based apprenticeship will measure the apprentice’s successful demonstration of acquired skills and knowledge, as verified by the program sponsor. Requirements include apprentices completing an on-the-job training component and completing a related technical instruction component as outlined within the approved Standards of the Apprenticeship. The apprentice will assist in investigating alerts as they are generated from various monitoring tools, will assist in investigating reports that may be received or phoned in (reported by employees, and third-party monitoring service), will assist in proactively hunting for threats in idle time also called Hunt and Incident Response Team (HIRT) work, and monitoring the company SIEMs (Security Information and Event Management). The Security Operations Center (SOC) Apprentice will learn to handle Tier 1 and Tier 2 alerts and report Tier 3 alerts to applicable personnel within the organization.\

Viable candidates must be willing to work onsite at GSI's headquarters in Palm Harbor, Florida daily.

Requirements

Key Responsibilities:

• Monitor security alerts and events generated by SIEM, SOAR, EDR, and cloud security tools across SaaS infrastructure, applications, and endpoints.
• Perform initial triage and analysis of security alerts to identify potential threats, false positives, and indicators of compromise (IOCs), escalating incidents according to established SOC procedures.
• Assist in incident response activities, including evidence collection, log review, containment actions, and documentation under the guidance of senior analysts.
• Help maintain and update incident tickets, investigation notes, and post-incident reports to ensure accurate tracking and audit readiness.
• Participate in vulnerability management processes, including reviewing scan results, validating findings, and coordinating remediation tracking with engineering and DevOps teams.
• Assist with threat intelligence ingestion and enrichment by researching emerging threats, tactics, techniques, and procedures (TTPs) relevant to SaaS platforms.
• Follow and help refine SOC runbooks, standard operating procedures (SOPs), and playbooks to improve response consistency and efficiency.
• Participate in training, tabletop exercises, and simulations to build foundational skills in detection, response, and cloud security operations.

Work Experience / Knowledge:

• Knowledge of Linux/Unix and Windows operating systems
• Knowledge of Microsoft SQL Server, Oracle, and MySQL
• Knowledge of Industry Standards, e.g., ISO 17799/27001, FISMA/FedRAMP, NIST Publications.
• Possess an understanding of computer intrusion activities, incident response techniques, tools, and procedures
• Knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, SMTP)
• Ability to learn and retain information in a fast pace environment
• Demonstrate an excellent attention to detail
• Ability to multitask efficiently
• Ability to work independently and/or as part of a team
• Have a flexible schedule
• Have reliable Transportation
• Ability to work all shifts

Qualifications / Certifications:

• Minimum high school graduate; General Education Development (GED)
• Two-year college degree in IT or cybersecurity preferred

Special Requirements:

• Willing to work irregular hours as needed
• Willing to accept various projects and tasks as needed
• Sitting for long periods of time
• Ability to lift 50 pounds

Apprenticeship begins on April 27th, 2026.

Equal Opportunity Employer. M/F/D/V