Security Operations Center (SOC) Analyst - Tier 2

Tier 2 SOC Analyst - Enterprise Security Operations Location: Remote - US Based US Citizen or Green Card Holder on US Soil Overview: We are seeking an experienced Tier 2 SOC Analyst to support enterprise-level Security Operations Centers (SOCs) by performing advanced triage, investigation, and response to cybersecurity incidents across complex environments. This role serves as an escalation point from Tier 1, focusing on deeper analysis, incident coordination, and threat validation within mature security programs. This is a hands-on operational role requiring strong technical investigation skills, experience working in enterprise environments, and the ability to operate within defined incident response and security operations frameworks. Key Responsibilities:

• Serve as escalation point for Tier 1 analysts, performing advanced analysis and validation of security alerts
• Investigate complex security incidents including malware, lateral movement, credential misuse, and insider threats
• Perform deep log analysis across endpoints, network devices, cloud platforms, and security tooling
• Coordinate incident containment, eradication, and recovery efforts with incident response and engineering teams
• Execute and refine incident response playbooks and escalation procedures
• Document investigation findings, root cause analysis, and response actions in case management systems
• Support detection engineering efforts through alert tuning, rule refinement, and false positive reduction
• Collaborate with threat intelligence and vulnerability management teams to contextualize alerts
• Participate in post-incident reviews and continuous improvement initiatives
• Mentor Tier 1 analysts and provide guidance on investigation techniques

Required Skills:

• Experience operating as a Tier 2 SOC Analyst in an enterprise SOC environment
• Hands-on experience with SIEM platforms such as Splunk, Sentinel, QRadar, or LogRhythm
• Strong incident investigation and response experience across enterprise environments
• Solid understanding of attacker tactics, techniques, and procedures (MITRE ATT&CK)
• Experience analyzing endpoint, network, cloud, and application security logs
• Familiarity with incident response frameworks and escalation models
• Experience using case management and ticketing platforms
• Strong analytical, documentation, and communication skills
• Ability to operate independently in high-impact, time-sensitive situations

Apply tot his job Apply To this Job