Security Operations Center Tier 2 Analyst
US REMOTE
We are looking for a skilled and experienced Security Operations Center Tier 2 Analyst to join our dynamic team and serve on the front line of monitoring, detecting, and responding to cybersecurity threats and incidents. The analyst will use a range of security tools and technologies to analyze security events, escalate incidents as necessary, and help maintain the overall security posture of Jacobs. You should have a solid understanding of cybersecurity principles and incident response procedures, and the ability to work in a fast-paced environment to keep Jacobs' IT infrastructure secure from potential threats.
Key Responsibilities:
- Monitor Security Alerts:
- Continuously monitor security alerts from various sources including SIEM, IDS/IPS, firewalls, and other security tools
- Incident Detection and Response:
- Identify, investigate, and respond to security incidents in accordance with established procedures and protocols
- Analysis and Triage:
- Perform initial triage and analysis of security events to determine their nature and severity, escalating incidents as necessary to senior SOC analysts, Team Leads, Incident Response, and other relevant teams
- Communication and Collaboration:
- Communicate clearly with stakeholders, including technical teams, management, and external partners.
- Work effectively in cross-functional teams during incident response activities.
- Continuous Learning:
- Stay updated on the latest cybersecurity threats, vulnerabilities, and mitigation techniques to ensure proactive defense measures
- Process Management and Documentation:
- Maintain accurate and detailed records of security events, incidents, and response actions in SIEM, Case Management and ticketing systems
- Reporting:
- Help generate and deliver daily, weekly, and monthly reports on security incidents and SOC activities.
- Accurately track and provide shift summary reports to management and peers.
- Soft Skills:
- Strong analytical and problem solving skills
- Excellent communication and interpersonal skills
- Ability to work in a fast-paced, high pressure environment
- Attention to detail, critical thinking and a strong work ethic
- Education:
- Bachelor's degree in computer science, information technology, cybersecurity, or related field (or equivalent work experience)
- Experience:
- 3-5 years of experience in a cybersecurity role, with at least 2 years in a Security Operations Center (SOC) environment
- Certifications: CISSP (Certified Information Systems Security Professional), GCIA (GIAC Certified Intrusion Analyst), GCIH (GIAC Certified Incident Handler), or other relevant certifications preferred.
- Technical Skills:
- Proficiency with SIEM tools (e.g., QRadar, Splunk)
- Experience with email security solutions such as Proofpoint
- Expertise in incident response platforms such as IBM Resilient
- In-depth knowledge of network protocols, intrusion detection systems, and firewall technologies
- Advanced understanding of malware analysis, vulnerability assessment, and threat intelligence
- Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis a plus
- Strong understanding of Windows, Linux, and macOS operating systems
- Availability:
- Willingness to work in shifts, including nights, weekends, and holidays as required
Job Type: Contract
Pay: $40.00 - $45.00 per hour
Experience:
- Linux: 1 year (Preferred)
- Cybersecurity: 1 year (Preferred)
- Information security: 1 year (Preferred)
Work Location: Remote