True Zero Technologies

SOC Analyst-Tier 2 (R-00069)

Hundred, West Virginia, United States


Compensation: Not Specified
Experience Level: Junior (1 to 2 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Information Security

Position Overview

  • Job Type: Full-Time
  • Salary: Not specified

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built: a community of like-minded, driven, and passionate individuals and innovators aligned in the common goal of delivering top-tier services to our customers. In 2023, True Zero was recognized as a "Best Places to Work" in two categories, "Prosperous and Thriving" ($5MM to $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV), and in 2022 was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies.

TZT is seeking an experienced and proactive Tier 2 SOC Analyst to join our dynamic Security Operations Center (SOC) team. As a Tier 2 SOC Analyst, you will play a critical role in investigating and responding to security incidents, conducting in-depth analysis, and implementing effective security controls. Your expertise will contribute to maintaining the integrity and security of our clients' systems and networks. As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops.

Responsibilities

  • Perform in-depth analysis of security events and incidents escalated from Tier 1 SOC Analysts.
  • Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise.
  • Develop and execute incident response plans to contain and remediate security incidents effectively.
  • Collaborate with cross-functional teams, including Tier 1 SOC Analysts, Incident Response teams, and SOC Lead/Program Manager to ensure timely incident response, resolution, and reporting.
  • Continuously monitor and analyze network traffic, system logs, and security tools for indicators of compromise (IOCs) and emerging threats.
  • Provide guidance and support to Tier 1 SOC Analysts, including coaching and knowledge sharing to enhance their technical skills.
  • Develop and maintain comprehensive documentation related to incident response processes, procedures, and lessons learned.
  • Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses.
  • Stay up to date with the latest cybersecurity trends, threat intelligence, and attack techniques to enhance the effectiveness of the SOC operations.
  • Perform ticket review, cross training, support process refinement, and provide general mentoring for Tier 1 staff.
  • Assist in the development and performance of quality control checks for SOC operations.
  • Perform triage and root cause analysis on security events.
  • Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation.
  • Analyze raw data sources to extract, institutionalize, and document actionable events.
  • Review existing security events and propose refinements as necessary.
  • Identify and report on metrics related to the operations of the team.
  • Tier 2 analyst support is required during core hours (7 AM to 7 PM, excluding weekends and holidays).
  • Tier 2 analysts are included on the on-call rotation to support 24x7 security operations.

Requirements

  • Demonstrated deep technical experience supporting network security defense and defensive strategy.
  • Ability to work in a high-pressure environment with changing priorities.
  • A technical, not academic, understanding of the current threats and tactics being used to attack systems.

Skills

Security Incident Analysis
Forensic Analysis
Incident Response
Security Controls
Network Security
Security Event Investigation

True Zero Technologies

Cybersecurity services for IT environments

About True Zero Technologies

True Zero Technologies specializes in cybersecurity services and solutions, utilizing technologies such as Splunk, Tanium, and Cribl to provide actionable insights into IT environments for public and private sector organizations. The company's team delivers scalable solutions, shaping large operational and security programs.

Headquarters: 11325 Random Hills Rd #360, Fairfax, VA 22030, USA
Year Founded: 2016
Company Stage: Unknown
Industries: Consulting
Employees: 11-50
