Tier II SOC Analyst
Zachary Piper
Morrisville, United States of America
yesterday
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
Intermediate Compensation
$ 145KJob location
Morrisville, United States of America
Tech stack
Multitier Architecture
Microsoft Windows
Bash
Cloud Computing
Cloud Computing Security
Computer Security
Linux
DNS
Hypertext Transfer Protocols (HTTP)
Identity and Access Management
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Simple Mail Transfer Protocols
Packet Analyzer
Network Protocols
Powershell
Phishing
Security Information and Event Management
TCP/IP
Wireshark
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
QRadar
Malware
Cyber Threat Analysis
Information Technology
Microsoft Sentinel
CIS Benchmarks
Splunk
SentinelOne Expertise
Job description
Piper Companies is looking to fill the role of for a Cloud and Technology company located in Morrisville, NC. The is responsible for advanced threat detection, incident investigation, containment, and remediation activities .
- Monitor, analyze, and investigate security alerts across SIEM, EDR, IDS/IPS, firewalls, and cloud security platforms to identify and respond to potential threats
- Triage escalated incidents from Tier 1 analysts, performing in-depth root cause analysis and leading containment, eradication, and recovery efforts
- Correlate data across multiple security tools to identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs)
- Conduct proactive threat hunting and develop detection capabilities, including creating and refining SIEM use cases, correlation rules, and alerting logic
- Perform malware analysis and investigate endpoint, network, cloud, and identity-based security events, including phishing, ransomware, insider threats, and account compromises
- Support vulnerability management and incident response efforts by validating vulnerabilities, conducting forensic analysis, and maintaining detailed documentation, playbooks, and reporting
- Collaborate cross-functionally with IT, cloud, and business teams while mentoring junior analysts and contributing to security operations enhancements and automation initiatives
Requirements
- 3-5+ years of experience in a Security Operations Center (SOC), incident response, or cybersecurity operations role, with a strong Tier 2 analyst background
- Active Secret Clearance required and ability to work onsite in Morrisville, NC five days per week
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent hands-on experience)
- Proven experience investigating and responding to security incidents across enterprise environments, including triage, analysis, and remediation
- Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm, Elastic) and EDR tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black)
- Strong technical understanding of cybersecurity frameworks (NIST, MITRE ATT&CK, CIS Controls), network protocols (TCP/IP, DNS, HTTP/S, SMTP), operating systems (Windows/Linux), and identity/access management
- Experience with detection engineering and advanced security tools, including SIEM tuning, correlation rule development, SOAR platforms, threat intelligence, packet analysis (Wireshark), vulnerability management, and scripting with Python, PowerShell, or Bash
Benefits & conditions
- $130,000-$145,000
- Benefits: Medical, Dental, Vision, 401k, PTO, Sick leave if required by law, and Holidays