L2 SOC Analyst

• Monitor and analyze security events utilizing advanced security technologies and tools such as Microsoft Sentinel, Defender technologies, and Log Analytics
• Utilize deep threat intelligence to identify and investigate potential security threats
• Respond to and triage security incidents, escalating as necessary
• Utilize proficiency in KQL Queries to conduct investigations and gain insights into potential security threats
• Collaborate with other teams to resolve security incidents and improve overall security posture
• Participate in incident response efforts and assist in forensic investigations, adhering to NIST guidelines
• Continuously improve security operations through the identification of trends and anomalies
• Communicate security incidents and findings to stakeholders and management

• At least 5+ years of experience in a SOC Analyst role at a SOC/MXDR or MSSP with L2 experience
• Strong understanding of networking technologies
• Experience with Microsoft security technologies such as Microsoft Sentinel and M365 Defender
• Strong understanding of security best practices and incident response procedures
• Experience with deep threat intelligence
• Strong proficiency with KQL Queries
• Strong verbal and written communication skills
• Strong analytical and problem-solving skills
• Azure experience working with azure security is a must
• Experience with scripting languages such as Python, PowerShell, and JavaScript
• Experience working in government environments
• Familiarity with incident response requirements based on NIST guidelines
• Willingness to work in a 24/7 environment
• Experience with techniques utilizing the MITRE ATT&CK framework for incident investigation and threat hunting
• Experience in conducting investigations and identifying malicious activities using techniques such as packet analysis, log analysis, and endpoint forensics

Microsoft Security certifications such as MCSE: Security, MCSA: Windows Server 2016, Azure Security Engineer Associate are a plus