Talent.com
SOC Engineer Tier 2
SOC Engineer Tier 2INSPYR • Raleigh, NC, US
SOC Engineer Tier 2

SOC Engineer Tier 2

INSPYR • Raleigh, NC, US
11 hours ago
Job type
  • Temporary
Job description

Overview

Title : SOC Security Engineer Tier 2

Location : Raleigh, NC (HYBRID)

Duration : 6-month contract with potential extensions

Compensation : $50.00 - $56.00 / hour

Work Requirements : US Citizen, GC Holders or Authorized to Work in the U.S.

SOC Security Engineer Tier 2

A SOC (Security Operations Center) Tier 2 Analyst plays a pivotal role in an organization's cybersecurity posture, handling complex security incidents and actively contributing to threat detection and response. This role requires a strong understanding of cybersecurity principles, incident response methodologies, and proficiency with security tools, particularly those from Cisco.

Responsibilities

  • Incident Response and Analysis : Conduct in-depth analysis of security incidents escalated from Tier 1, according to Dropzone AI.
  • Utilize advanced threat intelligence to thoroughly investigate potential breaches, including attack vectors, affected systems, and impact on business operations.
  • Perform forensic analysis on compromised systems and correlate events from various sources to build a comprehensive picture of the threat.
  • Implement containment and eradication strategies, such as isolating affected systems, blocking malicious IP addresses, or removing malware.
  • Coordinate incident response efforts across multiple teams, including IT, network engineers, and management.
  • Develop and update incident response playbooks based on lessons learned from investigations.
  • Security Monitoring and Optimization : Monitor security dashboards, SIEM (Security Information and Event Management) platforms, and other security tools (including Cisco security products like Cisco Secure Endpoint, Cisco Secure Malware Analytics, and the Cisco SecureX platform) for suspicious activity.
  • Develop custom detection rules and correlation logic to improve threat detection capabilities.
  • Tune security tools and adjust processes to reduce false positives and improve efficiency.
  • Proactively hunt for threats that may have bypassed initial detection mechanisms.
  • Vulnerability Management and Remediation : Conduct vulnerability assessments and assist in developing remediation plans.
  • Proactively update systems and ensure the latest patches are deployed.
  • Technical Leadership and Documentation : Provide guidance and mentorship to Tier 1 SOC Analysts.
  • Create and maintain detailed documentation of incidents, investigations, and findings.
  • Communicate technical findings clearly to both technical and non-technical stakeholders.
  • Contribute to security architecture improvements and best practices development.

Qualifications

  • Experience : 2-5 years in a security-related role, with at least 2-3 years as a Tier 2 SOC Analyst or Threat Hunter.
  • Technical Proficiency : Strong understanding of networking fundamentals (TCP / IP, DNS, HTTP / S, firewalls, etc.).
  • Proficiency in using SIEM tools (e.g., Splunk, IBM QRadar, LogRhythm) and other security technologies (e.g., EDR, IDS / IPS, packet analyzers).
  • Hands-on experience with Cisco security products is highly valued.
  • Experience in handling security incidents and conducting forensic analysis.
  • Knowledge of scripting languages (e.g., Python, PowerShell) for task automation and data analysis.
  • Familiarity with the MITRE ATT&CK framework.
  • Knowledge of operating systems (Windows, Linux) and their security implications.
  • Soft Skills : Excellent analytical and problem-solving abilities, including attention to detail; strong communication skills (written and verbal) for reporting and collaboration; ability to work under pressure; commitment to continuous learning.
  • Education : Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience) is often preferred.
  • Certifications : Consider industry certifications like CompTIA CySA+, GIAC Certified Incident Handler (GCIH), Cisco Certified CyberOps Associate, or similar credentials.

    • Benefits

  • Comprehensive medical benefits
  • Competitive pay
  • 401(k) retirement plan
  • ...and much more!

    • INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.

    Technology is our focus and quality is our commitment. Learn more about us at inspyrsolutions.com.

    Information collected and processed through your application with INSPYR Solutions (including any job applications you choose to submit) is subject to INSPYR Solutions' Privacy Policy and INSPYR Solutions' AI and Automated Employment Decision Tool Policy. By submitting an application, you are consenting to being contacted by INSPYR Solutions through phone, email, or text. The policy URL is https : / / www.inspyrsolutions.com / policies /

    J-18808-Ljbffr

    Create a job alert for this search

    Soc Engineer • Raleigh, NC, US