Job Description

SOC Analyst Tier 2 - Contract Position

Responsibilities

1. Provide technical escalation point for Tier 1 Analysts on security incidents, alerts, and inquiries requiring input on security risk, privacy, or threats.

2. Be available to assist Tier 1 Analysts with critical incidents and serve as a reference for alerts and inquiries.

3. Perform analysis of log files.

4. Conduct log analysis for suspicious events.

5. Feed data back to threat intelligence sources when new threats are discovered during investigations.

6. Take an active role in incident containment, including post-escalation phases.

7. Assist Tier 3 Analysts with system breach investigations.

8. Assist Tier 3 Analysts with high-tier incidents.

9. Act on vulnerability findings by opening incident tickets against affected assets.

10. Proactively update systems to ensure latest patches are deployed.

11. Document remediation steps required during incident handling or vulnerability identification.

12. Record new incidents and corresponding resolution procedures.

13. Track remediation tickets to support a closed-loop process.

14. Handle client requests and track them through to fulfillment.

15. Manage whitelists and blacklists in SIEM; disseminate updates to appropriate operators for tool or policy updates.

16. Manage and block suspicious IPs in Azure Sentinel.

17. Update work procedures and documentation.

18. Issue documentation and proactively contact system asset owners post-incident to confirm resolution.

Experience

1. Strong knowledge and hands-on experience with SIEM solutions, including QRadar, McAfee ESM, and Azure Sentinel.

2. 3 to 5 years of IT Infrastructure Support experience.

3. Additional 2 to 3 years of experience as a Tier 2 SOC Analyst or Threat Hunter (Red Teaming) in an established SOC.

4. Advanced knowledge of network technologies (protocols, design concepts, access control).

5. Advanced knowledge of security technologies (firewalls, web gateways, endpoint protection, vulnerability management, network infrastructure, etc.).

6. Advanced technical and problem-solving skills in IT infrastructure.

7. Solid experience with email security solutions.

8. Strong background in vulnerability management.

9. Good understanding of the MITRE ATT&CK framework.

10. Good understanding of the ITIL Framework.

11. Proficient in using support ticketing systems and achieving SLA targets.

12. Familiarity with risk management and quality assurance controls.

13. Excellent interpersonal skills and professional demeanor.

14. Excellent verbal and written communication skills.

15. Proficient in Microsoft Office applications.

16. Eligible to obtain National Security Clearance.

17. Excellent customer service capabilities.

Qualifications

1. Grade 12 certificate.

2. ITIL Foundation qualification.

3. Certified Ethical Hacker (CEH).

4. Azure Sentinel SC-200 certification.

5. Azure Sentinel AZ-500 certification.

6. Degree or diploma in Computer Technology.

7. CompTIA A+, Network+, Security+.

8. CompTIA CySa+ and CASP+ (advantageous).