SOC 2 Analyst

POSITION SUMMARY 

The Tier 2 SOC Analyst supports a 24x7x365 Security Operations Center and monitors security tools, assesses threats, and the risks involving client infrastructure. This position provides investigative support to SOC Tier 1 analysts in response to security incidents for managed security services customers. The Tier 2 SOC Analyst also provides ?rewall change management and change control services. The role follows standard operating procedures for detecting, classifying, and reporting incidents under the supervision of the SOC Manager and in partnership with Tier 1SOC Analysts. This position requires shift work outside of normal business hours (8 am – 5 pm) including nights and weekends. 

An experienced Tier 2 SOC Analyst will have the ability to utilize commercial and open-source tools to quickly analyze, detect, and respond to cybersecurity incidents. Candidates must have the ability to learn new concepts and development methodologies quickly and can interact with other teams on time sensitive incidents. 

SPECIFIC JOB RESPONSIBILITIES 

• Works with other SOC team members to monitor and triage cybersecurity events 
• Analyze security threats for managed services customer networks and endpoints 
• Provide advice and guidance on incident handling and proper escalation internally and with clients 
• Provide teaching / mentoring to SOC Tier 1 Analysts 
• Document security incident use cases, develop and update procedures as part of SOC run book 
• Process incident communications including initial reporting, follow-ups, requests for information and resolution activity. 
• Process change requests for managed ?rewall / uni?ed threat management (UTM) customers 
• Provide remote support to customers for incident response 
• Install / Configure Security Tools 
• Monitor health of security sensors/endpoints 
• Perform threat hunting based on emerging IOCs or Vulnerabilities 
• Work with customers to verify and document their technology architecture, asset inventory, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents 
• Remain engaged with technical forums and user groups 
• Other relevant tasks as directed by department leadership. 
• Perform other duties within the scope of the role as assigned

EXPERIENCE REQUIRED 

• Graduation from an accredited four-year college or university in a technical / engineering discipline 
• Three (3) years of experience in cybersecurity and/or information technology (IT) security 
• Two (2) years SOC environment experience with security engineering and monitoring experience is required. 
• Any equivalent combination of education and experience will be considered. 

QUALIFICATIONS, SKILLS, & KNOWLEDGE 

• Excellent verbal and written communication skills required. 
• Experience in troubleshooting in a technical environment. 
• Excellent analytical and problem-solving skills. 
• Software and hardware knowledge of computing, storage, networking, and peripheral devices. 
• Pro?ciency with case management and ticketing systems 
• Superior customer service skills 
• Phone and remote support experience, knowledge and resolution ability required 
• Desirable certi?cations include: 
• Certified Incident Handler (GCIH) 
• Certified Intrusion Analyst (GIAC) 
• Certified Ethical hacker (CEH) 
• Certified Expert penetration tester (CEPT) 
• Certified Information Systems Security Professional (CISSP) 
• Networking Certifications (CCNA, etc.) 
• Platform Certifications (Microsoft, Linux, Solaris, etc.) 
• Active security clearance is a plus but not required 
• Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation 
• Demonstrated ability to analyze, triage and remediate security incidents 
• Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10 
• Moderate knowledge of networking fundamentals and security related technologies (TCP/IP, Network Layers, Firewalls, IDS/IPS, WAF) 
• Basic knowledge of audit requirements (PCI, HIPPA, HiTrust)  
• Ability to embrace Clearwater’s CLEAR core values (Commitment to Client Success, Lead with Accountability, Integrity & Collaboration, Excellence in All That We Do, Advance Colleague Success, Respect & Transparency) and culture.?? 

PROFESSIONAL DEVELOPMENT EXPECTATIONS 

• Remain engaged with technical forums and user groups 
• Participate in ongoing training to enhance knowledge of security best practices, emerging technologies and cybersecurity threats to ensure up-to-date skills in the rapidly evolving security landscape. 
• Stay engaged with the broader cybersecurity community through industry conferences, webinars, blogs, and forums to stay up to date on the latest trends and best practices. 

The base salary range for this role is $______85,000_____ to $____95,000_______. Base salary is part of our total rewards package which also includes the opportunity for merit-based salary increases, eligibility for our 401(k) plan, medical, dental, vision, life and disability insurances and leaves provided in line with your work state. Our robust time-off policy includes flexible paid time off, 11 paid holidays, and paid sick time. Total compensation, including base salary to be offered, will depend on elements unique to each candidate, including applicable candidate experience, skills, education and other factors permitted by law.

Disclaimer: The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of colleagues in the role. All colleagues may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Clearwater is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. Please inform Clearwater/Redspin’s Recruiting team if you need any assistance completing any forms or to otherwise participating in the application process.

Mental/Physical Requirements: Fast paced environment handling multiple demands. Must be able to exercise appropriate judgment as necessary. Requires a high level of initiative and independence. Excellent written and oral communication skills required. Requires the ability to use a personal computer for extended periods of time.