SOC Analyst II

Job ID: 8620
Job Type: Contract To Hire
Salary Range: $25K - $50K
Location: US
Referral Bonus: +/- $624

Job Summary:
Experience: 5–10 years

The Security Operations Center (SOC) Information Security Analyst II will be part of the SOC team that monitors, analyzes, and responds to infrastructure threats and vulnerabilities on a 24×7 basis.

Responsibilities:

  • Lead the analysis and investigation of information security events (IDS/Proxy/SIEM/etc.) in a 24×7 SOC environment to detect, verify, and respond swiftly to cyber threats, while minimizing false positives.

  • Perform monitoring, research, assessment, and analysis of security incidents requiring demonstrable incident response experience.

  • Serve as a technical point of escalation and provide mentoring for L1 SOC analysts.

  • Handle security alerts in Splunk SIEM and raise tickets based on alerts.

  • Follow up with respective teams to close alerts and tickets.

  • Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.

  • Investigate incidents, analyze attack methods, research new defense techniques and tools, develop security policies, and document SOC procedures.

  • Conduct malware and attack analysis to extract indicators of compromise and perform event correlation between various systems.

  • Prepare reports, summaries, and other forms of communication for internal and external stakeholders.

  • Maintain familiarity with industry trends and security best practices.

  • Ensure SLA compliance, process adherence, and continuous improvement to meet operational objectives.

  • Periodically update or create correlation rules based on emerging threats and intelligence sources such as MITRE ATT&CK, US-CERT, and other TTP databases.

Basic Qualifications:

  • Education and Experience:

    • 5+ years working in a Security Operations Center environment.

    • Bachelor’s degree in engineering or related field preferred.

  • Knowledge and Skills:

    • Excellent knowledge of Intrusion Detection (deep TCP/IP understanding, cybersecurity fundamentals), multiple operating systems (Windows/UNIX), and web technologies (with a focus on Internet security).

    • Ability to read and interpret packet-level data.

    • Familiarity with intrusion detection and prevention, network security products (IDS/IPS, firewalls), and host security tools (HIPS, AV, scanners).

    • Understanding of emerging threats, web application vulnerabilities, and current cyberattack trends.

    • Exposure to vulnerability assessment, penetration testing, or forensic analysis is an advantage.

    • Experience working as part of a distributed, global team across multiple time zones and cultures.

Preferred Certifications and Skills:

  • CEH (Certified Ethical Hacker) preferred.

Tools and Technologies:

  • Required: Microsoft Office.

  • Strongly Preferred: Cisco network devices, Nexpose or InsightVM, Splunk, CrowdStrike, SCCM, BitLocker, Zscaler, Proofpoint, ServiceNow, Trend Micro, Okta, Azure, and Microsoft 365.

Physical Demands and Working Conditions:

  • Primarily office-based work; potential international travel up to 5%.

Equal Employment Opportunity Statement
Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.
