SOC Engineer \ Cybersecurity Analyst - Level 2

Job Title: SOC Engineer Level 2

Job Type: Full-Time
Work Days: MON-FRI | 6 AM - 3PM EST \ 9 AM - 6PM EST
Reports To: Incident Response Service Delivery Manager

Job Summary: We are looking for an experienced SOC Engineer Level 2 to join our Security Operations Center (SOC) team. As a Level 2 SOC Engineer, you will play a critical role in monitoring, analyzing, and responding to security incidents. You will be responsible for handling more complex security threats, guiding Level 1 engineers, and contributing to the overall security posture of the organization. This role requires strong technical expertise, excellent analytical skills, and the ability to work in a fast-paced environment.

Key Responsibilities:
• Advanced Threat Detection and Response: Monitor and analyze security alerts and incidents, conduct in-depth investigations, and respond to complex security threats, ensuring they are mitigated effectively.
• Incident Management: Take the lead in managing security incidents, coordinating with other IT and security teams to contain, eradicate, and recover from security breaches.
• Forensic Analysis: Perform detailed forensic analysis on compromised systems to identify root causes, attack vectors, and indicators of compromise (IOCs).
• Vulnerability Management: Assist in the identification, assessment, and remediation of vulnerabilities within the organization’s infrastructure.
• Security Tool Management: Maintain and optimize security tools and technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Collaboration: Work closely with Level 1 SOC Engineers, providing guidance, mentorship, and training to help them improve their skills and effectiveness in responding to security incidents.
• Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and response actions, ensuring compliance with organizational policies and industry standards.
• Reporting: Generate and analyze security reports, providing insights and recommendations to improve the organization’s security posture.
• Continuous Improvement: Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices, and contribute to the ongoing improvement of SOC processes and technologies.
• On-Call Support: Participate in a rotating on-call schedule to provide after-hours support for critical security incidents.

Qualifications:
• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
• Experience: 3-5 years of experience in a SOC or cybersecurity role, with at least 1-2 years at a Level 1 position or equivalent.
• Certifications: Relevant certifications such as CompTIA Security+, CompTIA CySA+, or equivalent are preferred.
• Technical Skills:
- Strong knowledge of security monitoring tools (e.g., SIEM, IDS/IPS) and their configuration and management.
- Proficiency in network security, endpoint security, and incident response techniques.
- Experience with forensic tools and methodologies for analyzing compromised systems.
- Familiarity with scripting and automation (e.g., Python, PowerShell) to streamline security processes.
- Knowledge of cloud security practices and tools (e.g., AWS, Azure) is a plus.
• Soft Skills:
- Excellent analytical and problem-solving skills with the ability to think critically under pressure.
- Strong communication skills, with the ability to explain complex security issues to technical and non-technical stakeholders.
- Leadership qualities, with a proactive approach to mentoring and guiding less experienced team members.
- Ability to manage multiple priorities and tasks in a dynamic environment.