SOC Analyst (Tier 2) / Security Incident Investigator

CyberLinx Solutions, LLC is seeking a SOC Analyst (Tier 2) / Security Incident Investigator to join our Security Operations Center(SOC). This role is responsible for conducting in-depth investigations of security alerts escalated by Tier 1 analysts, identifying potential threats, validating security incidents, and coordinating containment activities. The ideal candidate has strong analytical skills, experience with SIEM tools, and the ability to perform forensic and log analysis to identify malicious activity.

Key Responsibilities

Incident Investigation & Threat Analysis

• Perform detailed investigation and forensic analysis of security alerts and suspicious activities escalated from Tier 1 analysts.
• Correlate events across multiple security platforms, systems, and logs to determine the scope and severity of incidents.
• Validate, classify, and prioritize security incidents and potential threats.
• Identify indicators of compromise (IOCs) and attacker behaviors.
• Conduct malware analysis and log analysis to determine attack methods and impact.

Incident Response & Containment

• Coordinate with IT infrastructure, network, and endpoint teams to contain and remediate security incidents.
• Recommend mitigation strategies and assist in threat containment.
• Support incident response procedures and escalation when necessary.

Detection Engineering & SOC Improvement

• Develop and refine SIEM correlation rules and detection logic.
• Tune existing security monitoring alerts to reduce false positives.
• Contribute to improving SOC detection capabilities and threat visibility.
• Daily Administration & Reporting
• Document incident investigations and response actions.
• Perform root cause analysis and provide detailed incident reports.
• Provide detection tuning recommendations to improve monitoring effectiveness.
• Produce incident trend and threat analysis reports for security leadership.