Tier II SOC Analyst

TEKsystems, Indianapolis, IN
Onsite

About The Position

This role involves conducting detailed investigations into complex security incidents, including malware analysis, log correlation, and network traffic analysis, to identify root causes and attack scope. The analyst will lead containment, eradication, and recovery efforts for moderate to high-severity incidents, following incident response playbooks. Proactive threat hunting for indicators of compromise and advanced persistent threats using SIEM and threat intelligence tools is also a key part of the role. Responsibilities include optimizing SIEM rules, filters, and alerts to improve detection accuracy, serving as a primary point of contact for escalated incidents from Security Analyst I, and providing guidance for timely resolution. The position requires creating comprehensive incident reports for leadership and regulatory reporting, mentoring Security Analysts I, and contributing to the development of cybersecurity processes and playbooks. Additionally, the analyst will integrate threat intelligence specific to the energy sector and collaborate with operations, IT, compliance, and external partners.

Responsibilities

  • Conduct detailed investigations into complex security incidents affecting client's systems, including malware analysis, log correlation, and network traffic analysis, to identify root causes and attack scope.
  • Lead the containment, eradication, and recovery efforts for moderate to high-severity incidents, following the client's incident response playbooks and coordinating with the client's other business units.
  • Proactively search for indicators of compromise and advanced persistent threats targeting the client's infrastructure using SIEM, threat intelligence, and other tools.
  • Optimize SIEM rules, filters, and alerts to reduce false positives and improve detection accuracy for client's critical systems.
  • Serve as the primary point of contact for incidents escalated from Security Analyst I, providing guidance and ensuring timely resolution to protect client's operations.
  • Create comprehensive incident reports, including technical details, timelines, and recommendations for preventing recurrence, for the client's leadership and regulatory reporting.
  • Provide guidance and training to Security Analysts I, fostering their professional development and enhancing team capabilities.
  • Contribute to the development and refinement of client's processes, playbooks, and SOPs to strengthen cybersecurity operations.
  • Leverage threat intelligence feeds specific to the energy sector to enrich incident analysis and improve client's detection capabilities.
  • Work with client's operations, IT, compliance, and external partners to support investigations and remediation efforts.
  • Complete all other duties as assigned.

Benefits

  • Medical, dental & vision
  • Critical Illness, Accident, and Hospital
  • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
  • Life Insurance (Voluntary Life & AD&D for the employee and dependents)
  • Short and long-term disability
  • Health Spending Account (HSA)
  • Transportation benefits
  • Employee Assistance Program
  • Time Off/Leave (PTO, Vacation or Sick Leave)

What This Job Offers

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

501-1,000 employees

© 2024 Teal Labs, Inc