What are the responsibilities and job description for the Security Operations Center Analyst position at Inspira Enterprise?
Job Title: L2 SOC Analyst
Location: Nashville or Texas (onsite); the candidate must be available to work onsite
Job Type: Full-Time
Introduction:
We are seeking a highly skilled L2 SOC Analyst to join our Security Operations Center (SOC) team. The L2 SOC Analyst will serve as a technical escalation resource for L1 SOC Analysts and will provide mentorship for their skill development. The role requires a strong technical background in threat analysis, incident investigation, and remediation, alongside the ability to support client response actions in a 24x7x365 operational environment.
Key Responsibilities:
- 24x7x365 Security Event Monitoring
Actively monitor security events and incidents across client environments to identify potential security threats, ensuring timely response and escalation.
- Incident Analysis and Investigation
Perform thorough analysis and investigation of security incidents, ensuring that all findings are documented accurately. This includes identifying the root cause, scope, and impact of the incident.
- Threat Intelligence Correlation
Analyze and correlate threat intelligence feeds within the SIEM system, identifying and addressing emerging threats and vulnerabilities.
- Containment and Recovery Guidance
Provide timely guidance on containment strategies and help clients recover from security incidents, reducing their impact and restoring operations as quickly as possible.
- Support Client Response Actions
Assist clients in responding to security incidents, ensuring they follow the correct protocols and minimize further risks.
- Update SOPs and Playbooks
Review and update Standard Operating Procedures (SOPs) and Playbooks to ensure they reflect current security best practices, incidents, and evolving threats.
- Onsite Breach Investigations
Provide support for onsite breach investigations, including initial forensic analysis and guidance on conducting the investigation on the ground.
- Support Digital Forensics
Assist in digital forensics efforts by preserving evidence, conducting preliminary analysis, and providing support during in-depth investigations.
- Define Logic for SOAR Playbooks
Collaborate on defining automation logic and use cases for Security Orchestration, Automation, and Response (SOAR) playbooks to enhance the efficiency of incident detection and response.
- Reporting
Generate and deliver incident reports and post-incident reviews, documenting findings and providing actionable recommendations for improvement.
- Maintain Threat Intelligence Feeds within SIEM
Ensure the proper integration and maintenance of threat intelligence feeds within the SIEM system to enhance detection and response capabilities.
Qualifications:
- Experience: Minimum of 3-5 years of experience working in a Managed SOC or similar security operations environment.
- Technical Expertise: Strong technical proficiency in threat analysis, incident response, digital forensics, and security monitoring tools (e.g., SIEM, IDS/IPS).
- 24x7 Availability: Must be available to work shifts in a 24x7x365 rotation as required.
- Incident Investigation: Experience with incident analysis, investigation, and providing guidance on containment and recovery efforts.
- Communication Skills: Strong verbal and written communication skills for reporting incidents and working with both internal teams and external clients.
- Certifications (Preferred): CISSP, CISM, CEH, or other relevant cybersecurity certifications are highly desirable.
- Experience with SOAR tools, threat intelligence platforms, or digital forensics is a plus.
Desirable Skills:
- Proficiency in working with SIEM platforms (e.g., Splunk).
- Familiarity with incident response tools, threat intelligence feeds, and digital forensics techniques.
- Understanding of current cyber threats, attack vectors, and the ability to stay updated on emerging threats.
- Ability to work under pressure and in high-stress situations.
- Strong analytical and problem-solving skills, with a keen attention to detail.
Why Join Us?
- Competitive salary and benefits package.
- Opportunity to work in a fast-paced, evolving cybersecurity environment.
- Collaborative work culture with a focus on continuous learning.
Salary: $60,000 - $80,000