Tier 2 SOC Analyst
Exciting 12+ month contract opportunity with a great client.
Candidates must be US citizens and able to pass a CJIS background check.
No C2C or C2H for this role.
Must be comfortable working rotating shifts.
Key Responsibilities:
- Determine Service Impact of Security Events: Analyze security events to assess their potential impact on services and infrastructure.
- Alert Customers to Possible Malicious Activity: Communicate with customers to inform them of any detected threats or suspicious activities.
- Engage with Support Teams: Collaborate with Tier 3 Analysts, Network Operations Center (NOC), Network Engineers, and the Computer Security Incident Response Team (CSIRT) to resolve complex issues.
- Create and Manage Tickets: Utilize the ticketing system to create, manage, and resolve tickets related to security incidents and requests.
- Research and Data Collection: Conduct research and gather data on events of interest to support investigations and threat analysis.
Day-to-Day Responsibilities:
- Work Tickets via Ticketing System: Handle incoming security tickets, ensuring timely and accurate responses.
- Create Tickets for SOC Needs: Document and track various operational needs and incidents within the SOC.
- Conduct In-Depth Investigations: Use SIEM technologies to investigate and analyze security incidents and support threat hunting activities.
- Monitor Security Alerts: Continuously monitor security alerts and respond to potential threats in real time.
- Document and Report Findings: Maintain detailed records of security incidents, actions taken, and outcomes for future reference and compliance.
Preferred Experience and Attributes:
- SIEM Technology Experience: Proficiency with SIEM technologies such as Devo, Splunk, or Azure Sentinel.
- Security Certifications: CompTIA Security+ certification or equivalent higher certification.
- Incident Response Experience: 3 to 5 years of experience in Security Incident Response, Security Operations Center, or threat analysis.
- Cloud and Enterprise SIEM: Experience with both cloud and enterprise security SIEM technologies.