OPT SOC Analyst Jobs
SOC Analyst roles sit at the intersection of cybersecurity operations and real-time threat response, making them a strong fit for F-1 OPT students with degrees in computer science, information security, or related fields. Many employers in this space actively sponsor H-1B visas, giving you a viable path beyond your OPT window.
See All OPT SOC Analyst JobsOverview
Showing 5 of 69+ SOC Analyst jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 69+ SOC Analyst Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new SOC Analyst roles.
Get Access To All JobsPosition Summary:
The Information Security Analyst Tier 1 serves as the essential first line of defense in our Security Operations Center (SOC). This role goes beyond simple monitoring; you will be responsible for the end-to-end triage, investigation, and detailed documentation of security incidents. Your daily workflow involves analyzing security alerts from various data sources—specifically leveraging SIEM, EDR platforms, and email security gateways—to identify and mitigate threats ranging from phishing to sophisticated compromised account investigations. A critical component of this role is proactive defense and operational excellence. You will actively contribute to the SOC’s evolution by developing and refining detection logic based on observed activity, automating manual tasks to increase operational efficiency and maintaining comprehensive security playbooks and incident reports. You will also handle user access requests to security tools, ensuring secure and appropriate identity management, as well as ensuring all investigative steps are logged for compliance and hand-off purposes. This position offers a dynamic environment for those who want to transition from traditional monitoring into Detection Engineering and Security Orchestration (SOAR). This role operates during standard business hours with no on-call rotation.
Qualifications:
Required Education:
Bachelor's Degree or equivalent combination of education and experience
Preferred Education:
Bachelor's Degree Bachelor’s Degree or higher in Cybersecurity, Computer Science, or a related technical discipline
Required Experience:
2+ years Experience involving information technology and/or information security
Preferred Experience:
3+ years Experience in an enterprise Security Operations Center or IT environment. Experience investigating compromised accounts, including analyzing authentication logs, sessions, and MFA events. Experience building or tuning detections within a SIEM (Splunk preferred) or EDR tool. Basic to Intermediate experience with Automation: Using Python, PowerShell, or SOAR tools to streamline repetitive tasks. Experience with Email Security Gateways and performing deep-dive phishing analysis (header analysis, attachment detonation, etc.). Experience managing User Access Requests and Identity and Access Management (IAM) principles. Experience writing hand-off notes, incident reports, and SOPs. Experience working with Cloud technologies.
Required Skills, Knowledge and Abilities:
Demonstrated understanding of the incident response lifecycle and common attack vectors. Ability to clearly communicate technical findings and security concepts to non-technical stakeholders. Proficiency with Windows, macOS, and Linux operating systems. Strong analytical mindset with a focus on 'why' an alert triggered, not just 'what' triggered. Ability to maintain a high level of discretion and professionalism.
Preferred Skills, Knowledge and Abilities:
Knowledge of Detection Engineering principles (e.g., mapping to MITRE ATT&CK). Familiarity with API-based integrations for security automation. Understanding of network protocols (TCP/IP, DNS, HTTP) and cloud security fundamentals. Understanding of HTTP/HTTPS protocols and response codes (e.g. 2xx, 3xx, 4xx, 5xx). Familiarity with security frameworks (NIST, CIS) and risk/compliance initiatives.
Additional Information:
In compliance with NYC's Pay Transparency Act, the annual base salary range for this position is USD $70,000.00 to USD $84,700.00. New York University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and organizational considerations when extending an offer. This pay range represents base pay only and excludes any additional items such as incentives, bonuses, clinical compensation, or other items.
NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/nyugreen.
NYU is an Equal Opportunity Employer and is committed to a policy of equal treatment and opportunity in every aspect of its recruitment and hiring process without regard to age, alienage, caregiver status, childbirth, citizenship status, color, creed, disability, domestic violence victim status, ethnicity, familial status, gender and/or gender identity or expression, marital status, military status, national origin, parental status, partnership status, predisposing genetic characteristics, pregnancy, race, religion, reproductive health decision making, sex, sexual orientation, unemployment status, veteran status, or any other legally protected basis. All interested persons are encouraged to apply at all levels.
Position Summary:
The Information Security Analyst Tier 1 serves as the essential first line of defense in our Security Operations Center (SOC). This role goes beyond simple monitoring; you will be responsible for the end-to-end triage, investigation, and detailed documentation of security incidents. Your daily workflow involves analyzing security alerts from various data sources—specifically leveraging SIEM, EDR platforms, and email security gateways—to identify and mitigate threats ranging from phishing to sophisticated compromised account investigations. A critical component of this role is proactive defense and operational excellence. You will actively contribute to the SOC’s evolution by developing and refining detection logic based on observed activity, automating manual tasks to increase operational efficiency and maintaining comprehensive security playbooks and incident reports. You will also handle user access requests to security tools, ensuring secure and appropriate identity management, as well as ensuring all investigative steps are logged for compliance and hand-off purposes. This position offers a dynamic environment for those who want to transition from traditional monitoring into Detection Engineering and Security Orchestration (SOAR). This role operates during standard business hours with no on-call rotation.
Qualifications:
Required Education:
Bachelor's Degree or equivalent combination of education and experience
Preferred Education:
Bachelor's Degree Bachelor’s Degree or higher in Cybersecurity, Computer Science, or a related technical discipline
Required Experience:
2+ years Experience involving information technology and/or information security
Preferred Experience:
3+ years Experience in an enterprise Security Operations Center or IT environment. Experience investigating compromised accounts, including analyzing authentication logs, sessions, and MFA events. Experience building or tuning detections within a SIEM (Splunk preferred) or EDR tool. Basic to Intermediate experience with Automation: Using Python, PowerShell, or SOAR tools to streamline repetitive tasks. Experience with Email Security Gateways and performing deep-dive phishing analysis (header analysis, attachment detonation, etc.). Experience managing User Access Requests and Identity and Access Management (IAM) principles. Experience writing hand-off notes, incident reports, and SOPs. Experience working with Cloud technologies.
Required Skills, Knowledge and Abilities:
Demonstrated understanding of the incident response lifecycle and common attack vectors. Ability to clearly communicate technical findings and security concepts to non-technical stakeholders. Proficiency with Windows, macOS, and Linux operating systems. Strong analytical mindset with a focus on 'why' an alert triggered, not just 'what' triggered. Ability to maintain a high level of discretion and professionalism.
Preferred Skills, Knowledge and Abilities:
Knowledge of Detection Engineering principles (e.g., mapping to MITRE ATT&CK). Familiarity with API-based integrations for security automation. Understanding of network protocols (TCP/IP, DNS, HTTP) and cloud security fundamentals. Understanding of HTTP/HTTPS protocols and response codes (e.g. 2xx, 3xx, 4xx, 5xx). Familiarity with security frameworks (NIST, CIS) and risk/compliance initiatives.
Additional Information:
In compliance with NYC's Pay Transparency Act, the annual base salary range for this position is USD $70,000.00 to USD $84,700.00. New York University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and organizational considerations when extending an offer. This pay range represents base pay only and excludes any additional items such as incentives, bonuses, clinical compensation, or other items.
NYU aims to be among the greenest urban campuses in the country and carbon neutral by 2040. Learn more at nyu.edu/nyugreen.
NYU is an Equal Opportunity Employer and is committed to a policy of equal treatment and opportunity in every aspect of its recruitment and hiring process without regard to age, alienage, caregiver status, childbirth, citizenship status, color, creed, disability, domestic violence victim status, ethnicity, familial status, gender and/or gender identity or expression, marital status, military status, national origin, parental status, partnership status, predisposing genetic characteristics, pregnancy, race, religion, reproductive health decision making, sex, sexual orientation, unemployment status, veteran status, or any other legally protected basis. All interested persons are encouraged to apply at all levels.
See all 69+ OPT SOC Analyst Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new OPT SOC Analyst Jobs.
Get Access To All JobsTips for Finding OPT Sponsorship as a SOC Analyst
Target employers with established security operations centers
Large financial institutions, defense contractors, healthcare systems, and managed security service providers maintain dedicated SOCs and have existing H-1B sponsorship infrastructure. These organizations hire SOC analysts regularly and are far more likely to sponsor than small firms.
Certify before you apply
CompTIA Security+, CySA+, or a GIAC certification like GSEC signals baseline competency to hiring managers. Many SOC roles list certifications as preferred or required. Holding one before your OPT starts reduces employer hesitation around the sponsorship investment.
Highlight your SIEM and EDR experience specifically
Employers screening SOC candidates look for hands-on tool exposure. Mention Splunk, Microsoft Sentinel, CrowdStrike, or similar platforms by name in your resume. Vague references to cybersecurity coursework do not convey the same readiness as named tool experience.
Clarify your OPT timeline upfront with recruiters
SOC roles often involve security clearance timelines and compliance onboarding. Recruiters need to know how much authorized work time you have remaining so they can plan accordingly. Bringing this up early prevents mismatched expectations and avoids late-stage offer complications.
Pursue STEM OPT extension if your degree qualifies
Cybersecurity and computer science degrees listed on the STEM Designated Degree Program list make you eligible for a 24-month STEM OPT extension. This gives employers three years of authorized work time total, which significantly reduces the urgency pressure around H-1B sponsorship.
Position shift work as a strength, not a compromise
Many SOC analyst positions involve rotating shifts covering nights and weekends. Candidates who explicitly express openness to shift schedules stand out in a pool where others resist it. This willingness can directly offset employer concerns about the added effort of sponsoring.
SOC Analyst OPT: Frequently Asked Questions
Can I work as a SOC Analyst on OPT without prior industry experience?
Yes, but you'll likely start at the Tier 1 analyst level, which focuses on alert triage, log monitoring, and escalation. Employers hiring at this level expect strong academic foundations in networking and security fundamentals, not extensive professional history. Internships, lab environments like TryHackMe or home labs, and relevant coursework all strengthen your candidacy when you lack direct work experience.
Do SOC Analyst jobs qualify for STEM OPT extension?
SOC Analyst roles can qualify for the 24-month STEM OPT extension if your underlying degree is on the STEM Designated Degree Program list. Degrees in computer science, information technology, cybersecurity, and electrical engineering typically qualify. Your DSO at your university confirms eligibility based on your specific CIP code, not your job title, so verify this with your international student office before assuming you qualify.
How do I find SOC Analyst employers who sponsor H-1B visas?
Migrate Mate is built specifically for this search. It surfaces SOC Analyst roles from employers with verified sponsorship history, so you're not guessing which companies will actually support your visa transition after OPT. Filtering by sponsorship track record early in your search saves time and avoids pursuing roles at employers who won't sponsor when your authorization window closes.
Will a security clearance requirement disqualify me as an OPT student?
Roles requiring active Secret or Top Secret clearances are generally not accessible to F-1 OPT students, since clearances require U.S. citizenship or, in limited cases, permanent residency. However, many commercial SOC roles do not require clearances at all. Focus your search on private sector employers in finance, healthcare, and technology, where clearance requirements are uncommon at the analyst level.
What should I do if my OPT end date is approaching and I don't have an H-1B sponsor yet?
If you have a STEM-eligible degree, apply for the 24-month extension as early as possible through your DSO, ideally 90 days before your current OPT expires. The extension provides a 180-day cap-gap if your employer files an H-1B petition on time. If sponsorship hasn't materialized, consider roles at cap-exempt employers such as universities or nonprofit research institutions, which can file H-1B petitions year-round.