Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
2+ years of experience in a SOC, cybersecurity operations, or IT security role
Experience with SIEM platforms (e.g., Splunk), EDR tools, and log analysis
Understanding of networking, operating systems, and cybersecurity fundamentals
Requirements:
Perform continuous security monitoring of network, endpoint, and cloud environments in a 24/7/365 SOC, and analyze/triage alerts from SIEM, SOAR, EDR, and other security tools
Identify potential security incidents (malware, phishing, unauthorized access, and anomalous behavior) and execute initial incident response procedures, escalating to Tier 2/3 analysts as required
Document all incidents, findings, and actions taken in ticketing systems (e.g., ServiceNow) and support log aggregation, correlation, and analysis activities
Support vulnerability monitoring and threat intelligence activities, including tracking Known Exploited Vulnerabilities (KEVs) and vulnerability disclosures, and assist with dark web monitoring as directed
Job description
cFocus Software seeks a Tier 2 SOC Analyst to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance. Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
2+ years of experience in a SOC, cybersecurity operations, or IT security role.
Experience with SIEM platforms (e.g., Splunk), EDR tools, and log analysis.
Understanding of networking, operating systems, and cybersecurity fundamentals.
Familiarity with incident response lifecycle and security monitoring processes.
Duties:
Perform continuous security monitoring of network, endpoint, and cloud environments in a 24/7/365 SOC.
Analyze and triage security alerts generated from SIEM, SOAR, EDR, and other security tools.
Identify potential security incidents including malware, phishing, unauthorized access, and anomalous behavior.
Execute initial incident response procedures and escalate incidents to Tier 2/3 analysts as required.
Monitor and analyze security logs, events, and alerts for suspicious activity.
Support threat detection and response activities using threat intelligence and analytics.
Assist with vulnerability monitoring, including tracking Known Exploited Vulnerabilities (KEVs) and vulnerability disclosures.
Document all incidents, findings, and actions taken in ticketing systems (e.g., ServiceNow).
Support log aggregation, correlation, and analysis activities.
Assist with dark web monitoring and indicator tracking as directed.
Participate in shift handoffs and maintain situational awareness across SOC operations.
Follow established SOPs, playbooks, and incident response procedures.
Support compliance with federal cybersecurity requirements and policies.
