SOC Analyst - Tier 2

Keeper Security, Inc.-posted 2 days ago
Full-time • Mid Level
Hybrid • El Dorado Hills, CA
501-1,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Tier 2 SOC Analyst / Watch Officer serves as the escalation point for Tier 1 alerts and incidents, leading tactical investigation, containment, and remediation efforts. You will act as the on-shift lead, providing technical guidance, situational awareness, and operational direction during live security events. This role requires deep technical knowledge, investigative instinct and the ability to make real-time decisions under pressure. You will work closely with engineering, DevOps and incident response teams to ensure Keeper’s environments remain secure, resilient and compliant.

  • Lead end-to-end execution of complex DevOps and infrastructure programs, including perform in-depth triage and analysis of escalated alerts to determine scope, impact and root cause
  • Lead response actions such as isolating hosts, revoking credentials or blocking network indicators
  • Examine endpoint, network and cloud logs to reconstruct attack timelines and adversary behaviors
  • Execute and enhance incident response playbooks, detection rules and escalation criteria
  • Maintain operational command during assigned shifts, ensuring situational awareness, incident logging and proper shift handovers
  • Conduct proactive threat hunting for suspicious activity and emerging indicators of compromise
  • Validate data integrity from security tools (SIEM, EDR, IDS, etc.) and assist with tuning or integrations
  • Partner with IT, DevSecOps and compliance teams to mitigate vulnerabilities and improve defenses
  • Produce high-quality incident reports, lessons learned and recommendations for leadership
  • Bachelor’s degree in Cybersecurity, Computer Science or related field, or equivalent practical experience
  • 2-4 years in a SOC, incident response or cyber defense role
  • Experience with SIEM platforms (e.g., Splunk, Sumo Logic, Sentinel) and EDR technologies
  • Strong understanding of MITRE ATT&CK, threat actor TTPs and multi-source log correlation
  • Hands-on experience analyzing network traffic, endpoint behavior and cloud telemetry
  • Familiarity with scripting for automation and analysis (Python, PowerShell or Bash)
  • Strong written and verbal communication skills for incident reporting and coordination
  • Certifications such as GCIA, GCIH, CySA+, CEH or equivalent
  • Experience with SOAR platforms, automation pipelines and threat intelligence enrichment
  • Familiarity with AWS Security Hub, GuardDuty or other cloud-native security services
  • Background in root cause analysis, purple-team exercises or tabletop simulations
  • Experience supporting regulated environments (SOC 2, FedRAMP, ISO 27001, etc.)
  • Medical, Dental & Vision (inclusive of domestic partnerships)
  • Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
  • Voluntary Short/Long Term Disability Insurance
  • 401K (Roth/Traditional)
  • A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)
  • Above market annual bonuses
Track Jobs with Teal

Job Search Resources

AI Resume Builder
SOC Analyst Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service