SOC Analyst - Tier 2 (Core Business Hours Monday - Friday)
100% Remote
True Zero Technologies
True Zero specializes in creating cybersecurity programs and software solutions that enable agency leaders to run a proactive defense, with better intelligence and more efficient collaboration.Tier 2 SOC Analyst Responsibilities
- Perform in-depth analysis of security events and incidents independently, and in support of Tier 1 SOC Analysts.
- Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise.
- Develop and execute incident response plans to contain and remediate security incidents effectively.
- Collaborate with cross-functional teams, including Tier 1 SOC Analysts, Incident Response teams, and SOC Lead/Program Manager to ensure timely incident response, resolution, and reporting.
- Continuously monitor and analyze network traffic, system logs, and security tools for indicators of compromise (IOCs) and emerging threats.
- Provide guidance and support to Tier 1 SOC Analysts, including coaching and knowledge sharing to enhance their technical skills.
- Develop and maintain comprehensive documentation related to incident response processes, procedures, and lessons learned.
- Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses.
- Stay up to date with the latest cybersecurity trends, threat intelligence, and attack techniques to enhance the effectiveness of the SOC operations.
Tier 2 SOC Analyst Requirements
- U.S. Citizenship is a must
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
- Proven experience (4+ years) in a SOC or security-related role, with a focus on incident response and analysis.
- Strong understanding of cybersecurity principles, best practices, and frameworks (e.g., NIST, ISO 27001, CIS Controls).
- Familiarity with security technologies and tools such as SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection systems.
- Experience conducting forensic analysis and investigations of security incidents, including memory and disk analysis.
- Knowledge of network protocols, packet capture analysis, and log analysis techniques.
- Proficiency in security incident response methodologies and best practices.
- Excellent analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure.
- Strong communication and collaboration skills, with the ability to effectively interact with technical and non-technical stakeholders.
- Security certifications such as GCIH, GCIA, or CISSP are highly desirable.
- Experience with threat hunting and proactive detection techniques.
- Knowledge of advanced malware analysis and reverse engineering.
- Familiarity with scripting languages (Python, PowerShell, etc.) for automation and data analysis.
- Understanding of cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP).
- Familiarity with endpoint detection and response (EDR) tools and technologies.
- Ability to work effectively in a team environment and mentor junior analysts.
- Strong attention to detail and the ability to prioritize and manage multiple tasks and incidents.
- Continuous learning mindset and a passion for staying up to date with the latest cybersecurity trends and technologies.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure CISSP Cloud Computer Science EDR Firewalls GCIA GCIH GCP IDS Incident response IPS ISO 27001 Log analysis Malware NIST Pentesting PowerShell Python Reverse engineering Scripting SIEM SOC Threat intelligence
Perks/benefits: 401(k) matching Career development Competitive pay Health care Medical leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open DoD-related jobs
- Open SQL-related jobs
- Open IDS-related jobs