Level 2 SOC Analyst

SOC Analyst – Level 2 Full-time/Permanent Onsite in Austin, TX Responsibilities

• Monitor and analyze security alerts from SIEM, EDR, and other security platforms to identify potential threats.
• Perform in-depth investigation of suspicious activity, correlating data across multiple sources to determine scope and impact.
• Lead the resolution of low to moderately complex security incidents, including containment, eradication, and recovery actions.
• Escalate confirmed incidents to L3 analysts or incident response teams with detailed documentation and recommendations.
• Support containment and remediation efforts during active incidents.
• Conduct initial root cause analysis and contribute to post-incident reviews to identify gaps and improve future response efforts.
• Leverage threat intelligence, behavioral analytics, and contextual data to enhance detection, investigation, and resolution capabilities.
• Collaborate with detection engineering teams to develop, test, and tune detection rules and use cases.
• Perform basic malware analysis, log correlation, and network traffic inspection to support incident resolution.
• Maintain up-to-date knowledge of the threat landscape, including attacker tactics, techniques, and procedures (TTPs), and apply this knowledge to improve incident handling.
• Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate incident resolution efforts.
• Document investigation steps, findings, and resolution actions in a clear, structured, and timely manner.
• Participate in SOC shift rotations to ensure 24/7 monitoring and rapid response to security events.
• Contribute to the continuous improvement of SOC processes, playbooks, and knowledge base, with a focus on enhancing incident resolution workflows

• Bachelor's degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start)
• Two (2) years of experience in a SOC or cybersecurity operations role in a private, public, government or military environment.
• Effective communicator with the ability to document investigations and collaborate with cross-functional teams
• Certifications such as CompTIA Security+ , CySA+ , or GCIH
• Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
• Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
• Understanding of common attack vectors, threat actor behaviors, and frameworks like MITRE TelecommunicationCK
• Strong analytical and problem-solving skills with attention to detail
• Experienced in triaging and investigating security alerts across SIEM, EDR, and network platforms
• Skilled in correlating data from multiple sources to identify and upscale confirmed threats
• Proficient in supporting incident response efforts and conducting initial root cause analysis
• Strong understanding of threat intelligence and its application in operational workflows
• Effective communicator with the ability to document investigations clearly and collaborate across teams
• Committed to continuous learning and development in threat detection and response
• Analytical thinker with a proactive approach to identifying and mitigating risks
• Reliable team player in a 24/7 SOC environment, contributing to operational excellence