Tier 2 SOC Analyst

We are seeking an experiencedTier 2 SOC Analystto provide advanced monitoring, escalation handling, and incident support in a dynamic Security Operations Center (SOC) environment. The ideal candidate will have strong analytical and technical skills, familiarity withProzone.ai, SentinelOne, and Splunk dashboards(experience is a plus), and will serve as a critical escalation point for Tier 1 analysts. This role includesparticipation in an on-call support rotationto respond to high-priority incidents outside of regular business hours.

Key Responsibilities

• Serve as an escalation point for Tier 1 analysts, handling alerts requiring deeper analysis and response.
• Investigate, analyze, and resolve security incidents using Prozone.ai, Sentinel One, and Splunk dashboards.
• Correlate logs and data across multiple systems to identify patterns of malicious activity.
• Conduct in-depth triage of security events and provide actionable recommendations.
• Support forensic analysis, root cause determination, and remediation steps for confirmed incidents.
• Document all incidents, escalation procedures, and lessons learned in compliance with SOC processes.
• Support SOX and other compliance controls by reviewing logs, access controls, and incident documentation.
• Work closely with Tier 3, compliance, IT, and threat intelligence teams to improve SOC workflows.
• Mentor Tier 1 analysts by providing feedback, training, and guidance.
• Participate inon-call support rotationto provide after-hours escalation coverage.

Qualifications & Requirements

• Education:Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
• Certifications (preferred):CompTIA Security+, CySA+, GSEC, GCIA, CEH, or equivalent SOC/IR certifications.
• Experience:
• 2–4 years in a SOC environment or incident response role.
• Strong knowledge of endpoint detection and response (EDR) tools such as SentinelOne.
• Hands-on experience with SIEM platforms (Splunk preferred).
• Familiarity with Prozone.ai for security monitoring is a plus.
• Knowledge of TCP/IP, DNS, HTTP/HTTPS, email security, firewalls, IDS/IPS, and malware analysis.
• Experience with ticketing and case management tools (e.g., ServiceNow, Jira).
• Excellent written and verbal communication skills.
• Ability to work under pressure, prioritize effectively, and meet deadlines.
• Strong analytical and problem-solving skills.
• Experience withthreat hunting, correlation rules, and playbook development.
• Familiarity withSOAR platformsand automation workflows.
• Cloud security monitoring experience (AWS, Azure, GCP).
• Understanding of compliance frameworks beyond SOX (HIPAA, PCI DSS, ISO 27001).
• Ability to create clear technical reports for both technical and non-technical stakeholders.