Tier 2 Incident Response Analyst

About the position Responsibilities • Utilize security tools to analyze, investigate, and triage security alerts • Monitor our customers environments, including cloud and SaaS solutions for evidence of adversarial activity • Perform in-depth analysis and investigation of high-priority cybersecurity incidents • Utilize advanced tools, such as host based digital forensics or malware analysis capabilities, to identify incidents’ root causes, scope, and impact • Collaborate with cyber threat hunting and cyber threat intelligence teams • Participate in the development, implementation, and tuning of the SOC tools detection content and alerting signatures. • Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS) • Learn new open and closed-source investigative techniques • Perform research into emerging threats and vulnerabilities to aid their prevention and mitigation • Help shape the evolution of processes and procedures of the SOC • Provide guidance and mentorship to Tier 1 SOC Analysts to enhance their skills and capabilities Requirements • Minimum of six (6) years of cybersecurity experience with at least three (3) years in a SOC watch floor analyst or IR role • Bachelor’s Degree or higher in Cybersecurity or related is preferred • CISSP or CEH certification; additional experience, formal training, certifications, and/or education may be substitutable at the client's discretion • Experience in some of the following tools and technologies :i.e. SIEM experience required with Sumo Logic/Splunk preferred. • Knowledge of common attacker tools, techniques and procedures (TTP) • Experience with major cloud service provider offerings • Knowledge of malware • Knowledge of enterprise architecture including zero trust principles • Knowledge of Windows and Unix operating systems • Knowledge of common phishing techniques and how to investigate them • Proficiency in technical writing • Able to accurately and succinctly convey information through speaking, email, and presentations • Comfortable in customer facing environments • Ability to maintain a positive customer service mentality • TS/SCI Clearance required Nice-to-haves • Previous SOC or incident response experience • Working knowledge of regex and scripting languages • Any SOC analyst relevant certifications such as those from GIAC or CompTIA • The initiative to ask for assistance and offer fresh ideas to improve the SOC’s performance Benefits • Health/Dental/Vision • 401(k) match • Paid Time Off • STD/LTD/Life Insurance • Referral Bonuses • professional development reimbursement • parental leave Apply tot his job