SOC L2 Analyst

Ampcus Incorporated is a leading provider of tailored staffing solutions across IT and non-IT industries.

We are seeking a highly motivated SOC L2 Analyst to contribute to our ongoing success in the Security Operations Center.

Key Responsibilities:

• Advanced Incident Response:
• Investigate and respond to escalated security incidents from junior analysts.
• Perform in-depth analysis and correlation of security events to identify root cause and impact.
• Develop and implement mitigation strategies to contain and remediate incidents.
• Threat Hunting and Analysis:
• Conduct proactive threat hunting activities using advanced security tools.
• Analyze threat intelligence and identify potential risks to the organization.
• Endpoint and Network Security:
• Utilize Cisco AMP and CrowdStrike for advanced endpoint protection and threat analysis.
• Monitor and analyze network traffic to detect and respond to anomalies and intrusions.
• Log Management and SIEM:
• Perform detailed log analysis and correlation using Splunk.
• Suggest configuration and optimization of SIEM rules and alerts to improve detection capabilities.
• Cloud Security:
• Use CASB solutions to monitor and secure cloud services and applications.
• Collaboration and Escalation:
• Collaborate with other teams and departments to coordinate response efforts.
• Escalate incidents to senior analysts or specialized teams as needed.
• Documentation and Reporting:
• Document incident findings, actions taken, and lessons learned.
• Prepare detailed incident reports and briefings for management and stakeholders.
• Mentoring and Training:
• Provide guidance and mentorship to junior analysts.
• Conduct training sessions and workshops on advanced security topics and tools.
• Continuous Improvement:
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Contribute to the development and refinement of SOC processes and playbooks.

Qualifications:

• Bachelor's degree in computer science, Information Security, or a related field, or equivalent experience.
• 3 to 6 years of experience in a SOC or similar security role.
• Proficiency with security tools such as Cisco AMP, Splunk, Duo, CASB, CrowdStrike, ExtraHop, ServiceNow, and JIRA.
• Strong understanding of network and endpoint security principles.
• Experience with incident response, threat hunting, and log analysis.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work under pressure and manage multiple tasks simultaneously.

Preferred Certifications:

• Certified Ethical Hacker (CEH)
• GIAC Certified Incident Handler (GCIH)
• Other relevant cybersecurity certifications