SOC Tier 2 Analyst

The SOC Tier 2 Analyst serves as the primary investigative and response resource within the Security Operations Center. This position is responsible for conducting deeper investigations of escalated incidents, validating potential threats, performing threat hunting activities, and coordinating technical response efforts.

Tier 2 Analysts analyze complex attack patterns across multiple systems and data sources. They correlate information from endpoints, networks, cloud platforms, identity services, and threat intelligence feeds to determine the scope, severity, and business impact of potential incidents.

The analyst is responsible for performing advanced log analysis, malware triage, forensic review, and threat intelligence correlation. The position frequently serves as the technical lead during moderate severity incidents and provides guidance to Tier 1 analysts during investigations.

Tier 2 Analysts also contribute to detection engineering efforts by improving security monitoring content, developing detection logic, refining alert rules, and recommending improvements to SOC operations.

Candidates must possess advanced knowledge of cybersecurity operations, threat detection methodologies, incident response procedures, attack frameworks, and threat actor tactics, techniques, and procedures.

The candidate should have strong experience with SIEM platforms, EDR platforms, network security monitoring, cloud security technologies, threat intelligence platforms, and incident management processes. Experience investigating ransomware, phishing campaigns, credential theft, insider threats, and cloud security incidents is highly desirable.

The position requires the ability to analyze large volumes of data, identify subtle indicators of compromise, and make informed decisions under pressure. Candidates should understand MITRE ATT&CK, threat hunting methodologies, detection engineering principles, and digital evidence collection.

Typical certifications include CySA+, GCIA, GCIH, GCED, CASP+, CISSP, or equivalent.

The candidate must have a minimum of Secrete Clearance
.

At Defianx, we believe that great people build great outcomes. We are committed to supporting our employees with a competitive benefits package designed to promote health, professional growth, work-life balance, and long-term career success. Eligible employees have access to medical benefits, paid time off, paid holidays, professional development opportunities, certification support, and flexible work arrangements based on customer and operational requirements.

As a growing cybersecurity company, we invest in our team by fostering a collaborative culture that values continuous learning, innovation, and excellence. Employees are encouraged to expand their technical expertise, pursue industry certifications, contribute to mission-critical initiatives, and grow their careers alongside the company's success. Defianx is committed to creating an environment where talented professionals can thrive while delivering exceptional value to our customers.