Security Operations Center Analyst - Raleigh, United States - Optomi

    Tier 2 SOC Analyst - 100% remote in SC, NC, FL, OH, GA or KY


    Optomi, in partnership with an enterprise-level client in the energy sector, is looking to add a Tier 2 SOC Analyst to their growing team. The Tier 2 SOC Analyst will handle alerts from Tier 1 analysts and either remediate or escalate to Tier 3, as needed.

    The ideal candidate for this role will come with at least 2 years' experience working in a SOC handling SIEM, EDR, firewall, DLP, cloud, and other alerts, PLUS experience developing/scripting in Python, PowerShell and/or Bash (preferred).

    Strong Tier 2 experience working in a SOC is a must.

    The Tier 2 SOC Analyst will help with incident response and development/coding projects. This is a Mon-Fri 8am-5pm EST role with only some on-call responsibilities (on a rotation).

    Please note:
    This role starts off as a 12-month contract and will automatically convert or extend after that. Most likely, the person will be converted within the first year.


    What You Will Do:
    Responsible for providing monitoring, detection, and response capabilities to ensure security.
    This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process.
    Responsible for providing monitoring support for cybersecurity systems, as well as conducting investigations into and escalating alerts for malicious activity as required.
    Review, investigate, and classify the appropriate response for all security incidents that have been assigned / escalated via Tier 1 support
    Respond to and mitigate security incidents based on defined process and procedures to contain and eradicate threats
    Perform sampled reviews of incidents investigated by junior analysts to improve ticket quality, and provide feedback to coach junior resources
    Assist with the development of playbooks and processes for day-to-day SOC operations
    Assist with the development, configuration and fine-tuning of various security tools in the environment
    Collaborate with other Engineering and Operations teams to troubleshoot, respond, and improve detection capabilities


    What's Required:
    Bachelor's degree in IT, Cybersecurity, or a related field
    2-4+ years' experience working in a SOC with various log sources (SIEM, EDR, firewalls, PCAPs, cloud logs, etc.)
    Current experience working as a L2 in an incident response role.
    Experience with PowerShell, Bash and/or Python scripting (highly preferred). If no experience here, then a willingness to learn.
    Ability to respond to incidents and work them beginning to end
    Endpoint or network forensics experience highly preferred
    Malware analysis preferred


    Candidate must sit in SC, NC, FL, GA, OH or KY for tax purposes, or be open to relocating in the first year.

    Role is fully remote otherwise.
