Job Title: SOC Analyst 2
Location: ONSITE in Austin, TX (send local Candidates)
Duration: 12 months plus
Interview Mode: Video
Job Description:
Also must already be local, be able to pass a drug and background check
Hours (they are hiring a few at different shifts)
Weekdays:
• 5:00 PM – 12:00 AM (Evening Shift)
• 12:00 AM – 8:00 AM (Night Shift, includes 1-hour handoff to state staff)
Weekends and State Holidays:
• 8:00 AM – 5:00 PM (Day Shift)
• 5:00 PM – 12:00 AM (Evening Shift)
• 12:00 AM – 8:00 AM (Night Shift)
Job Description
Responsibilities:
Active security monitoring and analysis of alerts
• Incident triage, investigation, and escalation per CSOC playbooks
• SIEM rule tuning and alert optimization
• Support detection engineering activities (e.g., creating and refining detection logic)
• Document actions taken and maintain shift logs for handoff
Shift changeover and handoff procedures
• To maintain operational continuity, a mandatory handoff procedure will be conducted at each shift change.
• Following each shift, the on-duty team will submit a detailed report summarizing all activities, including a chronological summary for each ticket handled.
SOC Tier 2 Analysts act as intermediate incident responders, focusing on in-depth investigation, containment, and remediation of security threats escalated by Tier 1. They validate alerts, analyze the scope and impact of incidents using threat intelligence, and guide recovery efforts. They bridge the gap between initial triage and expert-level threat hunting. [1, 2, 3, 4]
Core Responsibilities
Deep Investigation & Analysis: Conduct forensic examinations, analyze raw logs, and correlate data from multiple sources to understand the root cause and impact of an attack.
Incident Response & Containment: Actively respond to high-priority incidents by developing and implementing strategies to contain threats (e.g., isolating systems, blocking IPs).
Threat Intelligence Utilization: Leverage advanced threat intelligence to identify attacker behavior, mapping incidents to frameworks like MITRE ATT&CK to detect lateral movement or data exfiltration.
Escalation Management: Handle complex security incidents passed from Tier 1, and escalate to Tier 3 (e.g., forensic experts) if further investigation is required.
Process Improvement & Documentation: Create detailed reports on findings, update documentation, and refine standard operating procedures (SOPs) or automation playbooks.
Key Skills
Proficiency in security tools like SIEM, IDS/IPS, and threat intelligence platforms.
Understanding of network forensics, malware analysis, and system administration.
Strong analytical and problem-solving skills
Additional Responsibilities may include..
In addition to the responsibilities related to core monitoring and alerting responsibilities, the following tasks are expected from the Contractor.
Proactive Security and Threat Management Vulnerability Management and Tracking:
During non-business hours, staff may review and track vulnerabilities identified by scanning tools. Staff can assess and prioritize these vulnerabilities based on factors such as severity, exploitability, and asset criticality. This process includes updating tickets, coordinating with system owners to facilitate patching, and verifying remediation measures.
Never miss an opportunity! Create an alert based on the job you applied for.
