Posted today
Top Secret
Unspecified
IT - Security
Washington, DC (On/Off-Site)
Key Responsibilities
Investigate and analyze security alerts escalated from SOC Tier I
Perform in-depth incident analysis using SIEM, EDR, and network security tools
Identify and contain threats such as:
Malware
Phishing attacks
Unauthorized access
Lateral movement
Conduct log analysis across endpoints, servers, firewalls, and cloud platforms
Execute incident response actions (containment, eradication, recovery)
Create and update incident reports and documentation
Develop and tune SIEM detection rules and alerts
Perform threat hunting based on IOCs and TTPs
Work with Tier III, IR teams, and IT teams during major incidents
Mentor Tier I analysts and provide feedback
SOC Tier II Analyst – Qualifications
Required Skills & Knowledge
Strong understanding of:
TCP/IP, DNS, HTTP/S
Windows & Linux operating systems
Active Directory
Experience with SIEM platforms (Splunk, Sentinel, QRadar, etc.)
Familiarity with EDR/XDR tools (CrowdStrike, Defender, SentinelOne)
Knowledge of MITRE ATT&CK framework
Ability to analyze:
Logs
Packet captures
Malware behavior (basic level)
Understanding of incident response lifecycle
Good written and verbal communication skills