SOC Analyst Tier 2

About the job:

Senior security analysts own the successful completion of all procedures executed in the SOC. And own the documentation and measurement of all subordinate procedures as well as the continual improvements to them. They are also responsible for the execution of the information fusion procedure, where various data inputs are fed to both operations and engineering to automate detection of new indicators and to filter out conditions that are not actionable for their organizations.

These senior analysts will gather information, collate it into an accessible format, and ensure its full dissemination. Senior analysts are responsible for the subtle event process—long-term analysis and deep dive investigation into network activity.

Job Description:

• Monitor level 1 analyst performance by investigating incoming events using SOC-available tools.
• Ensure level 1 event(s) are addressed in a timely manner using available reporting and metrics.
• Approve and, if necessary, further investigate level 1-escalated events.
• Mentor level 1 analysts to improve detection capability within the SOC.
• Manage SOC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary.
• Serve as detection authority for initial incident declaration.
• Function as shift subject-matter experts (SMEs) on incident detection and analysis techniques, providing guidance to junior analysts and making recommendations to organizational managers.
• Drive and monitor shift-related metrics processes ensuring applicable reporting is gathered and disseminated per SOC requirements.

• Conduct security research and intelligence gathering on emerging threats and exploits.
• Serve as a backup analyst for any potential coverage gaps to ensure business continuity