Tier II SOC Analyst

Zachary Piper
Morrisville, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 145K

Job location

Morrisville, United States of America

Tech stack

Multitier Architecture
Microsoft Windows
Bash
Cloud Computing
Cloud Computing Security
Computer Security
Linux
DNS
Hypertext Transfer Protocols (HTTP)
Identity and Access Management
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Simple Mail Transfer Protocols
Packet Analyzer
Network Protocols
Powershell
Phishing
Security Information and Event Management
TCP/IP
Wireshark
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
QRadar
Malware
Cyber Threat Analysis
Information Technology
Microsoft Sentinel
CIS Benchmarks
Splunk
SentinelOne Expertise

Job description

Piper Companies is looking to fill the role of for a Cloud and Technology company located in Morrisville, NC. The is responsible for advanced threat detection, incident investigation, containment, and remediation activities .

  • Monitor, analyze, and investigate security alerts across SIEM, EDR, IDS/IPS, firewalls, and cloud security platforms to identify and respond to potential threats
  • Triage escalated incidents from Tier 1 analysts, performing in-depth root cause analysis and leading containment, eradication, and recovery efforts
  • Correlate data across multiple security tools to identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs)
  • Conduct proactive threat hunting and develop detection capabilities, including creating and refining SIEM use cases, correlation rules, and alerting logic
  • Perform malware analysis and investigate endpoint, network, cloud, and identity-based security events, including phishing, ransomware, insider threats, and account compromises
  • Support vulnerability management and incident response efforts by validating vulnerabilities, conducting forensic analysis, and maintaining detailed documentation, playbooks, and reporting
  • Collaborate cross-functionally with IT, cloud, and business teams while mentoring junior analysts and contributing to security operations enhancements and automation initiatives

Requirements

  • 3-5+ years of experience in a Security Operations Center (SOC), incident response, or cybersecurity operations role, with a strong Tier 2 analyst background
  • Active Secret Clearance required and ability to work onsite in Morrisville, NC five days per week
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent hands-on experience)
  • Proven experience investigating and responding to security incidents across enterprise environments, including triage, analysis, and remediation
  • Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm, Elastic) and EDR tools (e.g., CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black)
  • Strong technical understanding of cybersecurity frameworks (NIST, MITRE ATT&CK, CIS Controls), network protocols (TCP/IP, DNS, HTTP/S, SMTP), operating systems (Windows/Linux), and identity/access management
  • Experience with detection engineering and advanced security tools, including SIEM tuning, correlation rule development, SOAR platforms, threat intelligence, packet analysis (Wireshark), vulnerability management, and scripting with Python, PowerShell, or Bash

Benefits & conditions

  • $130,000-$145,000
  • Benefits: Medical, Dental, Vision, 401k, PTO, Sick leave if required by law, and Holidays

Apply for this position