SOC Analyst - Tier 2 (Core Business Hours Monday - Friday)

Tier 2 SOC Analyst Responsibilities

• Perform in-depth analysis of security events and incidents independently, and in support of Tier 1 SOC Analysts.
• Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise. 
• Develop and execute incident response plans to contain and remediate security incidents effectively. 
• Collaborate with cross-functional teams, including Tier 1 SOC Analysts, Incident Response teams, and SOC Lead/Program Manager to ensure timely incident response, resolution, and reporting.
• Continuously monitor and analyze network traffic, system logs, and security tools for indicators of compromise (IOCs) and emerging threats. 
• Provide guidance and support to Tier 1 SOC Analysts, including coaching and knowledge sharing to enhance their technical skills. 
• Develop and maintain comprehensive documentation related to incident response processes, procedures, and lessons learned. 
• Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses. 
• Stay up to date with the latest cybersecurity trends, threat intelligence, and attack techniques to enhance the effectiveness of the SOC operations. 

Tier 2 SOC Analyst Requirements

• U.S. Citizenship is a must
• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience). 
• Proven experience (4+ years) in a SOC or security-related role, with a focus on incident response and analysis. 
• Strong understanding of cybersecurity principles, best practices, and frameworks (e.g., NIST, ISO 27001, CIS Controls). 
• Familiarity with security technologies and tools such as SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection systems. 
• Experience conducting forensic analysis and investigations of security incidents, including memory and disk analysis. 
• Knowledge of network protocols, packet capture analysis, and log analysis techniques. 
• Proficiency in security incident response methodologies and best practices. 
• Excellent analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure. 
• Strong communication and collaboration skills, with the ability to effectively interact with technical and non-technical stakeholders. 
• Security certifications such as GCIH, GCIA, or CISSP are highly desirable. 
• Experience with threat hunting and proactive detection techniques. 
• Knowledge of advanced malware analysis and reverse engineering. 
• Familiarity with scripting languages (Python, PowerShell, etc.) for automation and data analysis. 
• Understanding of cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP). 
• Familiarity with endpoint detection and response (EDR) tools and technologies. 
• Ability to work effectively in a team environment and mentor junior analysts. 
• Strong attention to detail and the ability to prioritize and manage multiple tasks and incidents. 
• Continuous learning mindset and a passion for staying up to date with the latest cybersecurity trends and technologies.