T2 SOC Analyst
GDH

Austin, Texas

Posted in IT


This job has expired.

Job Info



Candidate Description

Tier 2 Security Operations Center (SOC) Analysts have experience using SIEM technologies to support in-depth investigations and threat hunting activities. Experience with McAfee Enterprise Security Manager (ESM), Splunk, or another SIEM technology is required. An understanding of ticket workflow and handling is also required.

 

The Tier 2 Analyst provides support to the Tier 1 SOC Analysts, which may include helping work Tier 1 tickets and/or providing training to Tier 1 Analysts. Tier 2 SOC Analysts are also responsible for researching, responding to, and creating tickets within the ticketing system.

Tier 2 Analysts are responsible for:

· Determining service impact of security events.

· Alerting customers to possible malicious activity.

· Working tickets via ticketing system.

· Creating tickets for various needs of the SOC.

· Research and data collection of events of interest.

· Engaging support of Tier 3 Analysts, Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.

 

Responsibilities

· Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

· Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.

· Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.

· Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).

· Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.

· Assist in developing cybersecurity recommendations to Tier 3 based on significant threats and vulnerabilities.

· Work security tickets within established SLAs and escalate to Customer or Tier 3 as needed, establish false positive, or contact customer as needed.

· Provide guidance and mentorship to Tier 1 SOC personnel.

· Contribute to the creation of process documentation and training materials.

· Be able to work a rotating on-call schedule as required.

