We are seeking a skilled and experienced SOC Analyst Tier 2 to join our dynamic cybersecurity team. As a Tier 2 Analyst, you will play a pivotal role in our Security Operations Center (SOC), contributing to detecting, analyzing, and responding to security incidents. If you have a passion for cybersecurity and are ready to take on challenging responsibilities, we encourage you to apply.
Responsibilities:
Perform investigations, threat hunting, and use cases as needed.
Act as an escalation point for Tier 1.
Communicate with customers regarding security-related incidents.
Assist in threat signature implementation and tuning.
Define and mature ‘playbooks’ for response to cyber threats.
Provide teaching/mentoring to junior analyst team members.
Participate in and lead SOC training efforts.
Perform additional responsibilities and tasks assigned by SOC management.
Cooperation Type: fully on-site position: day shift, evening shift, and night shift with "on-call" availability (some nights, weekends, and holidays).
Requirements:
4 years of experience on one of the following teams:
Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or a Security Operations Center (SOC).
Bachelor's degree in Computer Science, Information Technology, or a related technical field.
Experience with Security Information and Event Management (SIEM) Systems, Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, and Large Enterprise or Cloud Environments.
Experience with incident response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, and managing and tracking investigations to resolution.
Familiarity with one of the following: NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK).
XDR/EDR experience.
Deep packet and log analysis.
Some forensic and malware analysis experience.
Cyber threat and intelligence gathering and analysis.
Willingness to learn, adapt, and innovate; strong critical thinking and analytical skills.
Excellent written and oral communication skills.
Great interpersonal and teamwork skills.
Proficient in Incident Management and Response.
Experience in security device management and SIEM.
Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
Experience in threat management.
Knowledge of various operating system flavors including but not limited to Windows, Linux, and Unix.
Knowledge of applications, databases, and middleware to address security threats against the same.
Proficient in the preparation of reports, dashboards, and documentation.