Tier II SOC Analyst
Zachary Piper Solutions · Morrisville, NC · 6 days ago
Information Technology$130k/yrFull-time
Responsibilities
- Monitor, analyze, and investigate security alerts across SIEM, EDR, IDS/IPS, firewalls, and cloud security platforms to identify and respond to potential threats
- Triage escalated incidents from Tier 1 analysts, performing in-depth root cause analysis and leading containment, eradication, and recovery efforts
- Correlate data across multiple security tools to identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs)
- Conduct proactive threat hunting and develop detection capabilities, including creating and refining SIEM use cases, correlation rules, and alerting logic
- Perform malware analysis and investigate endpoint, network, cloud, and identity-based security events, including phishing, ransomware, insider threats, and account compromises
- Support vulnerability management and incident response efforts by validating vulnerabilities, conducting forensic analysis, and maintaining detailed documentation, playbooks, and reporting
- Collaborate cross-functionally with IT, cloud, and business teams while mentoring junior analysts and contributing to security operations enhancements and automation initiatives
Qualifications
- 3–5+ years of experience in a Security Operations Center (SOC), incident response, or cybersecurity operations role, with a strong Tier 2 analyst background
- Active Secret Clearance required and ability to work onsite in Morrisville, NC five days per week
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent hands-on experience)
- Proven experience investigating and responding to security incidents across enterprise environments, including triage, analysis, and remediation
- Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm, Elastic) and EDR tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black)
- Strong technical understanding of cybersecurity frameworks (NIST, MITRE ATT&CK, CIS Controls), network protocols (TCP/IP, DNS, HTTP/S, SMTP), operating systems (Windows/Linux), and identity/access management
- Experience with detection engineering and advanced security tools, including SIEM tuning, correlation rule development, SOAR platforms, threat intelligence, packet analysis (Wireshark), vulnerability management, and scripting with Python, PowerShell, or Bash
Pay
$130,000-$145,000
Benefits
- Medical
- Dental
- Vision
- 401k
- PTO
- Sick leave if required by law
- Holidays