CSOC CIR Tier II Analyst

PingWindAustin, TX
Onsite

About The Position

PingWind is seeking a Cyber Incident Response Tier II Analyst to support our VA customer at Hines, IL Martinsburg, WV, or Austin, TX. This role involves performing real-time monitoring and triage of security alerts, leading investigations, analyzing attack patterns, and documenting incident response activities. The analyst will collaborate with cross-functional teams, communicate technical information, and identify opportunities for tuning alerts and improving security analytics. Additionally, the role involves leveraging SOAR platforms, mentoring junior staff, and staying informed about the latest cybersecurity threats.

Requirements

  • Work 100% on-site Monday – Friday from 11:00 PM to 7:00 AM.
  • A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment
  • Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
  • Experience with enterprise ticketing systems like ServiceNow
  • Excellent analytical and problem-solving skills
  • Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight
  • Ability to learn and function in multiple capacities and learn quickly
  • Strong verbal and written communication skills
  • Ability to obtain Tier 4 / High Risk Background Investigation

Nice To Haves

  • Ability to investigate Indicators of Compromise (IOCs) using Splunk by correlating logs from multiple sources to detect, trace, and assess threat activity across the enterprise
  • Experience leveraging Microsoft Defender for Endpoint (MDE) to perform endpoint investigations, analyze process trees, and validate IOCs during active threat scenarios
  • Ability to remediate phishing incidents, including analysis of email headers, links, and attachments, identifying impacted users, and executing containment actions such as user lockouts, email quarantine, and domain blacklisting
  • Experience performing root cause analysis of malware leveraging PowerShell, using tools such as MDE advanced hunting (KQL) and Splunk to identify infection paths, attacker behavior, and persistence mechanisms

Responsibilities

  • Perform real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM, and EDR
  • Make accurate determination of what alerts are false positives or require further investigation and prioritization
  • Lead and actively participate in the investigation, analysis, and resolution of cybersecurity incidents.
  • Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences
  • Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned.
  • Collaborate with knowledge management teams to maintain up-to-date incident response playbooks
  • Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators.
  • Clearly communicate technical information and incident-related updates to management and stakeholders
  • Identify and action opportunities for tuning alerts to make the incident response team more efficient
  • Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
  • Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
  • Support the mentoring and training of more junior IR staff
  • Stay informed about the latest cybersecurity threats, trends, and best practices.
  • Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities

Benefits

  • Eleven Federal Holidays
  • Paid Time Off accrued each pay period
  • Parental Leave
  • Three medical plan choices with generous employer contribution
  • Dental and Vision Insurance
  • Company paid Short-Term and Long-Term Disability
  • Company paid Life and AD&D Insurance
  • 401k with competitive matching and vesting schedule
  • Continuing education assistance
  • Short Term / Long Term Disability & Life Insurance
  • Medical, Dependent Care and Commuter Flexible Spending Accounts
  • Employee Assistance Program
  • Wellness benefits include Calm Health app and WellHub gym subsidy (formerly GymPass)
  • 529 College Savings Plan
  • Legal Insurance
  • Pet Insurance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service