About The Position

The SOC 2/3 Engineer is responsible for investigating security incidents and determining their root causes. This role involves reviewing incidents escalated by Tier 1 analysts, who collect data and review alerts. The SOC 2/3 Engineer will utilize threat intelligence, including indicators of compromise, TTPs, and company host system/network data sets, to assess alerts, threats, and potential incidents in greater depth. The position requires deep experience with SIEM tools, particularly Crowdstrike SIEM, and involves monitoring systems and events across various operating systems such as Windows, macOS, and Linux.

Requirements

  • 5+ years of recent experience as a Tier 2 or 3 analyst at a large organization; government or critical infrastructure experience preferred.
  • Strong, demonstrated SIEM and data correlation experience.
  • Experience designing new SOC use cases and working with vendors on implementation.
  • Experience designing and implementing runbooks and use cases to mitigate security incidents.
  • Experience designing Incident Response plans, including alert definition and escalation.
  • Extensive experience reviewing and managing alerts in Microsoft Defender and Splunk.
  • Experience conducting hunts across disparate data sets to identify threats.
  • Experience leading timely security operations response efforts in collaboration with stakeholders.
  • Demonstrated ability to create runbooks and conduct investigations with key stakeholders.
  • Experience designing custom SOC SIEM use cases in Defender, Splunk, and CRWD.
  • Experience conducting forensic investigations.

Nice To Haves

  • Proactive and problem-solving mindset.
  • Curiosity and analytical abilities.
  • Qualitative and quantitative analysis skills.
  • Adaptability to dynamic environments.

Responsibilities

  • Investigate security incidents and determine root causes.
  • Review incidents escalated by Tier 1 analysts.
  • Utilize threat intelligence to assess alerts and potential incidents.
  • Monitor systems and events across different operating systems.
  • Develop SIEM use cases and reduce/tune false alerts.
  • Lead investigations until issues are resolved.
  • Conduct hunts across disparate data sets to identify threats.
  • Design and implement runbooks and use cases to mitigate security incidents.
  • Document incident response communications for technical and management audiences.
  • Set up alert rules and manage alerts effectively.
© 2024 Teal Labs, Inc