Tier 2 SOC Analyst – Cybersecurity Operations
Employment Type: Contract
Location: Remote (Must reside in TX, AZ, KY, TN, GA, SC, NC, FL)
Competitive Salary
About the Role
We’re looking for experienced Tier 2 SOC Analysts to join a fast-paced cybersecurity operations team supporting a large enterprise environment.
In this role, you’ll be on the front lines of cyber defense—investigating security alerts, responding to incidents, and helping stop threats before they cause damage. You’ll work with modern security tools and collaborate with engineers and security teams to strengthen overall security posture.
This is a great opportunity for someone who enjoys deep technical investigation, threat analysis, and hands-on incident response in a mature SOC environment.
What You’ll Do
- Monitor and analyze security alerts from tools like SIEM, EDR, IDS/IPS, and cloud security platforms
- Investigate suspicious activity and determine impact, scope, and severity
- Support incident response including triage, containment, and escalation
- Perform threat hunting based on attacker behavior and known attack patterns (MITRE ATT&CK)
- Analyze phishing attempts, malware, account compromise, and insider threats
- Document incidents, timelines, findings, and executive summaries
- Help tune detection rules to reduce false positives and improve accuracy
- Work with engineering teams to improve monitoring and security coverage
- Support threat intelligence integration and use of IOCs (Indicators of Compromise)
- Contribute to SOC playbooks, procedures, and continuous improvement efforts
What We’re Looking For
- 2+ years of experience in SOC, incident response, or cyber defense roles
- Experience investigating security alerts in enterprise environments
- Understanding of common attack types (phishing, malware, credential theft, lateral movement, etc.)
- Familiarity with MITRE ATT&CK framework
- Strong analytical and problem-solving skills
- Experience working with security logs and monitoring tools
Nice to Have
- Experience with tools like Splunk, Sentinel, QRadar, Elastic, CrowdStrike, Defender, Cortex XDR/XSIAM
- Knowledge of cloud security (AWS, Azure, or GCP)
- Linux basics and troubleshooting skills
- Networking fundamentals (TCP/IP, DNS, VPNs, firewalls)
- Certifications like Security+, CySA+, CEH, OSCP, CISSP, GIAC, etc.
- Familiarity with NIST, CIS, or ISO security frameworks
Why This Role
- Work with modern, enterprise-grade cybersecurity tools
- Exposure to advanced threat hunting and real incident response work
- Opportunity to help improve SOC processes and detection strategies
- Collaborative team environment with experienced cybersecurity professionals
- Long-term contract with potential extension
Ideal Candidate
You’re someone who enjoys digging into security alerts, figuring out what really happened, and thinking like an attacker. You’re detail-oriented, curious, and comfortable working in a fast-moving environment where no two incidents are the same.