Lead Tier 2 SOC Analyst

Lead Tier 2 Soc Analyst

The Bureau of Engraving and Printing's (BEP's) core mission is to design and manufacture high-quality security documents that meet customers' requirements for quality, quantity, and performance, as well as counterfeit deterrence.

Provides incident response process, threat intelligence review, incident investigation and reporting. The Tier 2 team is inherently responsible for BEP's Cybersecurity Incident Response Capability(CSIRC) and Privacy incidents response.

Job Duties and Responsibilities

• Oversee and coordinate the end-to-end cybersecurity incident response lifecycle, including preparation, identification, containment, eradication, recovery, and lessons learned.
• Analyze and prioritize security incidents escalated from Tier 1 SOC analysts, ensuring timely and effective response to mitigate risks.
• Create, update, and maintain incident response playbooks, standard operating procedures (SOPs), and workflows to ensure consistency and efficiency in handling incidents.
• Coordinate Response Activities : Collaborate with cross-functional teams (e.g., IT, legal, compliance, and external stakeholders) during incident response to ensure alignment and effective resolution.
• Collect, review, and interpret threat intelligence from internal and external sources (e.g., open-source intelligence, commercial feeds, or industry reports) to identify potential threats and vulnerabilities.
• Communicate relevant threat intelligence findings to Tier 1 and Tier 3 teams, as well as other stakeholders, to improve situational awareness and preparedness.
• Use forensic tools and techniques to collect and preserve evidence, ensuring chain of custody for potential legal or regulatory purposes.
• Leverage Security Information and Event Management (SIEM) systems and other tools to correlate events and identify patterns of malicious activity.
• Serve as the primary point of contact for the organization's Cybersecurity Incident Response Capability, ensuring the team is prepared to handle incidents effectively.
• Guide and mentor Tier 1 and Tier 2 analysts, providing training on incident response techniques, tools, and best practices.
• Continuously assess and enhance the CSIRC's capabilities, including tools, processes, and team readiness, to address evolving threats.

Qualifications Required Certifications

Education, Background, and Years of Experience

Additional Skills & Qualifications Required Skills

Working Conditions Environmental Conditions

Physical Requirements

Happy - Be Infectious.

Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.

Helpful - Be Supportive.

Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.

Honest - Be Trustworthy.

Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.

Humble - Be Grounded.

Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.

Hungry - Be Eager.

Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.

Hustle - Be Driven.

Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities