L2 SOC Analyst

Offer summary

Qualifications:

  • At least 5 years of experience in a SOC Analyst role, including L2 experience.
  • Strong understanding of Microsoft security technologies such as Microsoft Sentinel, as well as Splunk.
  • Proficiency in KQL and SPL queries, along with scripting languages such as Python and PowerShell.
  • Familiarity with incident response requirements based on NIST guidelines and the MITRE ATT&CK framework.

Key responsibilities:

  • Monitor and analyze security events using advanced security technologies and tools.
  • Identify and investigate potential security threats and respond to security incidents.
  • Collaborate with other teams to resolve security incidents and improve security posture.
  • Communicate security incidents and findings to stakeholders and management.

Quzara LLC (Computer Hardware & Networking startup, 11-50 employees): https://quzara.com/

Job description

Job Title: L2 SOC Analyst

Pay Type: SALARIED EXEMPT

Location: Remote

Summary of Position Role/Responsibilities

Quzara, a leading Cyber Security Firm, is seeking a highly skilled and experienced L2 SOC Analyst to join our Security Operations Center (SOC). This fully remote role is critical to our mission of protecting our clients from cybersecurity threats. The L2 SOC Analyst will be responsible for monitoring and analyzing security events, identifying and investigating potential security threats, and responding to security incidents. The ideal candidate will have a deep understanding of cybersecurity technologies, threat intelligence, and incident response procedures, with a strong background in using Microsoft security technologies and tools.

Essential Functions of the Job
  • Monitor and analyze security events utilizing advanced security technologies and tools such as Microsoft Sentinel, Splunk, Defender technologies, and Log Analytics.
  • Utilize deep threat intelligence to identify and investigate potential security threats.
  • Respond to and triage security incidents, escalating as necessary.
  • Use KQL and SPL queries to conduct investigations and gain insight into potential security threats.
  • Collaborate with other teams to resolve security incidents and improve overall security posture.
  • Participate in incident response efforts and assist in forensic investigations, adhering to NIST guidelines.
  • Continuously improve security operations through the identification of trends and anomalies.
  • Communicate security incidents and findings to stakeholders and management.
  • Proficient in implementing and operating Microsoft Sentinel for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR).
  • Experience using Microsoft Sentinel (formerly Azure Sentinel) to detect and respond to security threats and anomalies, and to automate incident response.
Marginal Functions of the Job
  • Other duties as assigned

Normal Work Schedule

This is a full-time position. Standard business hours are Monday through Friday, 8:30 AM to 5:30 PM. If your role falls within our Security Operations Center, you will be assigned a specific shift. As a result, your working schedule may require flexibility to cover any shift within a 24/7 cycle; it may also change and rotate, including nights, weekends, and holidays.

Education, Training, and Experience
  • At least 5 years of experience in a SOC Analyst role at a SOC, MXDR, or MSSP, including L2 experience.
  • Strong understanding of networking technologies.
  • Experience with Microsoft security technologies such as Microsoft Sentinel and the Defender XDR stack, as well as Splunk.
  • Strong understanding of security best practices and incident response procedures.
  • Experience with deep threat intelligence.
  • Strong proficiency with KQL and SPL queries.
  • Strong verbal and written communication skills.
  • Strong analytical and problem-solving skills.
  • Microsoft Security certifications such as MCSE: Security, MCSA: Windows Server 2016, Azure Security Engineer Associate are a plus.
  • Azure experience, specifically with Azure security services, is required.
  • Experience with scripting languages such as Python, PowerShell, and JavaScript.
  • Experience working in government environments.
  • Familiarity with incident response requirements based on NIST guidelines.
  • Willingness to work in a 24/7 environment.
  • Experience with techniques utilizing the MITRE ATT&CK framework for incident investigation and threat hunting.
  • Experience in conducting investigations and identifying malicious activities using techniques such as packet analysis, log analysis, and endpoint forensics.
EEO Statement

The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.
Shift Schedule: Sun-Wed 4:00 PM to 2:00 AM Eastern Time

Required profile

Experience

Industry: Computer Hardware & Networking
Spoken language(s):
English

Other Skills

  • Problem Solving
  • Communication
  • Analytical Skills