Tier 2 SOC Analyst

• Monitor and analyze security events from SIEM, EDR, IDS/IPS, and threat intelligence platforms.
• Investigate security alerts and perform root cause analysis of potential incidents.
• Correlate security data to identify attack patterns, emerging threats, and suspicious activities.
• Escalate critical incidents to Tier 3 teams when necessary.
• Create detailed incident reports, timelines, and post-incident summaries.
• Investigate phishing attacks, malware infections, and policy violations.
• Provide recommendations for containment, remediation, and recovery activities.
• Fine-tune detection rules, alert thresholds, and correlation logic to reduce false positives.
• Collaborate with engineering teams to improve security monitoring and detection capabilities.
• Integrate threat intelligence feeds and conduct proactive threat hunting activities.
• Document SOC procedures, playbooks, workflows, and operational processes.
• Serve as a security subject matter expert while supporting internal and external stakeholders.

We are seeking a highly motivated Tier 2 SOC Analyst to support statewide security incident response and centralized cybersecurity operations. This role is responsible for monitoring, investigating, and responding to security events across enterprise environments while working closely with state agencies, security teams, and stakeholders.

The ideal candidate will have hands-on experience in Security Operations Center (SOC) environments, incident response, threat detection, MITRE ATT&CK framework, SIEM analysis, and security investigations. This is not a GRC, compliance, audit, or project management role., * 2+ years of experience in Security Monitoring and Incident Response.

• 2+ years of experience working with the MITRE ATT&CK Framework.
• 2+ years of experience creating security dashboards and reports.
• Experience investigating security incidents using SIEM platforms.
• Hands-on experience with EDR, IDS/IPS, and threat intelligence tools.
• Associate''''s Degree in Information Technology, Cybersecurity, or related field.
• Four years of relevant experience may be substituted for the degree requirement., * Experience with Palo Alto Cortex XSIAM/XDR.
• Knowledge of Linux administration, networking, and network design.
• Experience managing Firewalls, VPNs, Active Directory, and IDS/IPS technologies.
• Previous experience in enterprise SOC, MSSP, government, healthcare, telecom, or financial environments.
• Candidate located in Columbia, SC or surrounding areas.

Preferred Certifications

• CISSP
• CISA
• CEH
• OSCP
• GPEN
• Palo Alto Security Certifications