SOC Analyst T2 – Incident Responder
Tasks
- Analyze security trends and vulnerabilities
- Automate SOC workflows with scripts
- Conduct incident response investigations
- Coordinate incident response plans
- Develop SOC procedures and playbooks
- Document lessons learned
- Escalate incidents based on investigation findings
- Lead after action reviews and incident postmortems
- Map detections to MITRE ATT&CK
- Operate and optimize SIEM platforms
- Perform advanced threat analysis
- Perform quality assurance reviews of Tier 1 cases
- Provide technical guidance to junior analysts
- Reconstruct incident timelines and identify gaps
- Tune and customize detection rules
- Validate alerts and perform Tier 2 triage
Perks/Benefits
Skills/Tech-stack
Alert triage | Bash | DNS | EDR | ES|QL | Elastic Stack | Elasticsearch | Forensics | HTTP | IDS/IPS | Incident Response | KQL (Kusto Query Language) | Kibana | Linux | Logstash | Lucene | MITRE ATT&CK | Microsoft Defender XDR | Microsoft Sentinel | PowerShell | Python | SIEM | SPL | Splunk | TCP/IP | Threat hunting | Wazuh | Windows
Education
N/A