Cyber Security Analyst - Level 2

Marksmen-Research
Full-time
Colombo, Sri Lanka
LKR 150,000 - 200,000/month

Job Overview:

We are seeking a skilled and experienced Cybersecurity Level 2 Analyst to join our Security Operations Center (SOC) team. As a Level 2 Analyst, you will play a pivotal role in managing and mitigating cybersecurity incidents by monitoring, analyzing, and responding to potential threats. You will also provide technical support for the resolution of advanced security issues and collaborate with other team members to enhance security controls.

Key Responsibilities:

Threat Detection & Incident Response

  • Monitor security events using SIEM tools and other monitoring systems to detect potential threats and anomalies.
  • Conduct thorough investigations into suspicious activities, identify the root cause, and determine appropriate response actions.
  • Prioritize and escalate security incidents as per established protocols, coordinating with Level 1 and Level 3 analysts and other relevant teams as needed.
  • Execute containment, eradication, and recovery processes to mitigate the impact of security incidents.

Vulnerability Management

  • Conduct vulnerability assessments and scans, analyze results, and collaborate with IT teams to remediate identified vulnerabilities.
  • Perform regular security assessments to ensure that systems and networks remain compliant with security policies.

Threat Intelligence & Analysis

  • Utilize threat intelligence feeds, analyze reports, and identify Indicators of Compromise (IOCs) to stay updated on current and emerging threats.
  • Apply threat intelligence to ongoing investigations and incidents, adding context and supporting remediation efforts.

Reporting & Documentation

  • Create detailed incident reports, including findings, remediation steps, and recommendations for improvement.
  • Prepare daily, weekly, and monthly reports summarizing threat trends, incidents, and SOC performance.
  • Document processes, workflows, and response actions for knowledge sharing and improvement of incident response protocols.

Collaboration & Knowledge Sharing

  • Work closely with IT, network, and application teams to ensure that security policies and controls are properly implemented and maintained.
  • Provide guidance and mentorship to Level 1 analysts to improve their skills and incident response capabilities.
  • Participate in knowledge transfer sessions to keep the team updated on new threats, techniques, and best practices.

Continuous Improvement

  • Identify opportunities to automate and streamline detection, investigation, and response processes.
  • Provide feedback on the effectiveness of existing security controls, suggesting improvements where possible.
  • Actively participate in red and blue team exercises to enhance the SOC’s threat detection and response capabilities.

Qualifications:

  • Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent work experience will be considered.
  • Experience: 2+ years of experience in a SOC or cybersecurity role, with demonstrated experience in handling security incidents and investigations.
  • Certifications (preferred but not required): CompTIA CySA+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent.

Key Skills:

  • Proficiency with SIEM tools (e.g., Splunk, QRadar, ArcSight) and knowledge of IDS/IPS systems.
  • Experience with network security technologies (e.g., firewalls, VPNs, proxies) and endpoint protection tools.
  • Strong understanding of attack vectors, malware analysis, and threat intelligence.
  • Familiarity with cloud security and cloud monitoring tools (e.g., AWS CloudTrail, Azure Security Center) is a plus.
  • Knowledge of incident response frameworks (e.g., NIST, MITRE ATT&CK).
  • Excellent problem-solving skills and attention to detail, with the ability to think critically under pressure.
  • Strong communication skills, able to produce concise and actionable reports for technical and non-technical audiences.
  • Ability to work independently as well as collaboratively within a team.

Additional Considerations:

  • Shift Flexibility: This role may require evening or weekend shifts, as well as participation in on-call rotations to provide 24/7 SOC coverage.
  • Clearance: Security clearance or background check may be required, depending on the sensitivity of the role and data handled.

Why Join Us?

At Marksmen-Research, you’ll have the opportunity to work in a fast-paced environment with cutting-edge technologies, tackling challenging cybersecurity threats and protecting critical data. As a valued member of our team, you’ll contribute to a strong security culture and continuously develop your skills and expertise within a supportive and innovative environment.
