SOC Analyst-Tier 2

at True Zero Technologies
  • Remote - United States

Remote

Cybersecurity

Mid-level

Job description

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories (“Prosperous and Thriving” ($5MM – $50MM in gross revenue) and “Mid-Atlantic Region” (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies.

TZT is seeking an experienced and proactive Tier 2 SOC Analyst to join our dynamic Security Operations Center (SOC) team. As a Tier 2 SOC Analyst, you will play a critical role in investigating and responding to security incidents, conducting in-depth analysis, and implementing effective security controls. Your expertise will contribute to maintaining the integrity and security of our clients’ systems and networks.

As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops.

Tier 2 SOC Analyst Responsibilities

  • Perform in-depth analysis of security events and incidents escalated from Tier 1 SOC Analysts.
  • Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise.
  • Develop and execute incident response plans to contain and remediate security incidents effectively.
  • Collaborate with cross-functional teams, including Tier 1 SOC Analysts, Incident Response teams, and SOC Lead/Program Manager to ensure timely incident response, resolution, and reporting.
  • Continuously monitor and analyze network traffic, system logs, and security tools for indicators of compromise (IOCs) and emerging threats.
  • Provide guidance and support to Tier 1 SOC Analysts, including coaching and knowledge sharing to enhance their technical skills.
  • Develop and maintain comprehensive documentation related to incident response processes, procedures, and lessons learned.
  • Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses.
  • Stay up to date with the latest cybersecurity trends, threat intelligence, and attack techniques to enhance the effectiveness of the SOC operations.
  • Perform ticket review, cross training, support process refinement, and provide general mentoring for Tier 1 staff.
  •  Assist in the development and performance of quality control checks for SOC operations
  • The ability to perform triage and root cause analysis on security events
  •  Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation
  •  Analyze raw data sources to extract, institutionalize, and document actionable events
  • Review existing security events and propose refinements as necessary
  •  Identify and report on metrics related to the operations of the team
  •  Tier 2 analyst support is required during core hours (7AM until 7PM – not including holidays and weekends)
  •  Tier 2 analysts will be included on the on-call support list to support 24x7 security operations.
  •  Demonstrates deep technical level experience supporting security network defense and strategies.
  •  Ability to work in a high-pressure environment with changing priorities.
  • A technical, not academic, understanding of the current threats and tactics being used to attack systems.

Tier 2 SOC Analyst Requirements

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
  • Proven experience (5+ years) in a SOC or security-related role, with a focus on incident response and analysis.
  • Ability to communicate effectively, both orally and in writing, with all members of the team; to include non-technical end users, regionally dispersed system administrators, and CyberSecurity leadership.
  • Ability to obtain and maintain at minimum a SECRET clearance, TS/SCI is preferred.
  • U.S. Citizen
  • Required: Ability to pass a USCP background check.
  • Strong understanding of cybersecurity principles, best practices, and frameworks (e.g., NIST, ISO 27001, CIS Controls).
  • Familiarity with security technologies and tools such as SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection systems.
  • Experience conducting forensic analysis and investigations of security incidents, including memory and disk analysis.
  • Knowledge of network protocols, packet capture analysis, and log analysis techniques.
  • Proficiency in security incident response methodologies and best practices.
  • Excellent analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure.
  • Strong communication and collaboration skills, with the ability to effectively interact with technical and non-technical stakeholders.
  • Security certifications such as GCIH, GCIA, or CISSP are highly desirable.
  • Experience with threat hunting and proactive detection techniques.
  • Knowledge of advanced malware analysis and reverse engineering.
  • Familiarity with scripting languages (Python, PowerShell, etc.) for automation and data analysis.
  • Understanding of cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP).
  • Familiarity with endpoint detection and response (EDR) tools and technologies.
  • Ability to work effectively in a team environment and mentor junior analysts.
  • Strong attention to detail and the ability to prioritize and manage multiple tasks and incidents.
  • Continuous learning mindset and a passion for staying up to date with the latest cybersecurity trends and technologies.

U.S. Citizenship is required as this is in support of a Federal Customer.

We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you’ll enjoy:

- Competitive salary, paid twice per month

- Best in class medical coverage

- 100% of medical premiums covered by True Zero

- Company wide new business incentive programs

- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)

- 3 weeks of PTO starting + 11 Paid Holidays Annually

- 401k Program with 100% company match on the first 4%

- Monthly reimbursement of Cell Phone and Home Internet costs

- Paternity/Maternity Leave

- Investment in training and certifications to broaden and deepen your technical skills

Share this job:
Please let True Zero Technologies know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at True Zero Technologies

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply