Tier 2 SOC Analyst Engineer (Remote) at A.C. Coy
Richmond, Virginia, United States -
Full Time


Start Date

Immediate

Expiry Date

03 Mar, 26

Salary

0.0

Posted On

03 Dec, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Incident Response, Threat Analysis, SOC Engineering, SIEM, SOAR, EDR, Scripting, Automation, Forensic Analysis, Threat Hunting, Compliance, Mentorship, Collaboration, Documentation, Vulnerability Management, Security Tools

Industry

Information Technology & Services

Description
Overview

Tier One Technologies is seeking a Tier 2 SOC Analyst with SOC Engineering skills to join our direct client on a full-time basis. This will be a 100% remote position. SELECTED CANDIDATES WILL BE SUBJECT TO A BACKGROUND INVESTIGATION AND DRUG TESTING.

Responsibilities

Investigate and respond to complex security incidents while also helping to improve, tune, and automate SOC tools and processes to enhance overall detection and response capabilities.

Incident Response & Threat Analysis:
Investigate escalated alerts from Tier 1 analysts and determine incident scope, impact, and severity.
Execute containment, eradication, and recovery actions as part of incident response.
Perform deep-dive forensic analysis of endpoints, networks, and log sources.
Conduct proactive threat hunting using IOCs, MITRE ATT&CK TTPs, and behavioral patterns.

SOC Engineering & Tooling:
Configure, maintain, and tune SIEM and SOAR platforms to optimize detection and response.
Develop and refine correlation rules, dashboards, and automated response playbooks.
Integrate log sources, EDR, IDS/IPS, firewalls, and cloud platforms into the SOC ecosystem.
Automate repetitive tasks (IOC enrichment, case management, report generation) to improve efficiency.

Detection & Use Case Development:
Design and implement new detection use cases aligned with evolving threats.
Conduct gap analysis against attacker techniques to strengthen detection coverage.
Work closely with Tier 1 and Tier 3 analysts to validate and improve detection rules.

Collaboration & Escalation:
Mentor Tier 2 SOC analysts and provide technical guidance during investigations.
Escalate high-severity or complex incidents to Tier 3 or Incident Response teams.
Partner with IT/security engineering to address vulnerabilities and improve defenses.

Reporting & Continuous Improvement:
Document all incidents, actions taken, and lessons learned.
Contribute to SOC playbooks, standard operating procedures, and runbooks.
Provide metrics and insights to improve SOC performance and maturity.

Governance, Risk & Compliance Support:
Ensure logging and monitoring meet compliance and regulatory requirements.
Provide input for audit readiness and evidence collection.
Ensure the SOC design aligns with compliance frameworks (e.g., NIST, GDPR, SOX).

Mentorship & Knowledge Sharing:
Provide training and guidance to Tier 2 SOC analysts on new tools and use cases.
Document SOC architecture, workflows, and best practices.
Act as a technical advisor for security projects across the organization.

Qualifications

Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or a combination of education and related experience, or equivalent work experience).
3+ years of experience in SOC operations, incident response, or cybersecurity engineering.
Strong knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight).
Experience with EDR tools (e.g., Defender, CrowdStrike, SentinelOne).
Familiarity with SOAR platforms and security automation.
Proficiency in scripting (Python, PowerShell, Bash) for automation and enrichment.
Strong written and verbal communication skills.
Must be a US Citizen or have permanent residence status (Green Card).
Must be able to successfully pass a comprehensive background investigation and drug testing.
Responsibilities
Investigate and respond to complex security incidents while improving SOC tools and processes. Mentor Tier 2 SOC analysts and collaborate with other teams to enhance security measures.