Perennial Resources International

Level 2 SOC Analyst

Perennial Resources International, Saint Paul, Minnesota, United States, 55130

SOC Analyst - Level 2 Full-time/Permanent Onsite in Austin, TX

Responsibilities:

• Monitor and analyze security alerts from SIEM, EDR, and other security platforms to identify potential threats.
• Perform in-depth investigation of suspicious activity, correlating data across multiple sources to determine scope and impact.
• Lead the resolution of low to moderately complex security incidents, including containment, eradication, and recovery actions.
• Escalate confirmed incidents to L3 analysts or incident response teams with detailed documentation and recommendations.
• Support containment and remediation efforts during active incidents.
• Conduct initial root cause analysis and contribute to post-incident reviews to identify gaps and improve future response efforts.
• Leverage threat intelligence, behavioral analytics, and contextual data to enhance detection, investigation, and resolution capabilities.
• Collaborate with detection engineering teams to develop, test, and tune detection rules and use cases.
• Perform basic malware analysis, log correlation, and network traffic inspection to support incident resolution.
• Maintain up-to-date knowledge of the threat landscape, including attacker tactics, techniques, and procedures (TTPs), and apply this knowledge to improve incident handling.
• Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate incident resolution efforts.
• Document investigation steps, findings, and resolution actions in a clear, structured, and timely manner.
• Participate in SOC shift rotations to ensure 24/7 monitoring and rapid response to security events.
• Contribute to the continuous improvement of SOC processes, playbooks, and knowledge base, with a focus on enhancing incident resolution workflows.

Skills:

• Bachelor's degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start)
• Two (2) years of experience in a SOC or cybersecurity operations role in a private, public, government, or military environment
• Effective communicator with the ability to document investigations and collaborate with cross-functional teams
• Certifications such as CompTIA Security+, CySA+, or GCIH
• Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
• Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
• Understanding of common attack vectors, threat actor behaviors, and frameworks like MITRE ATT&CK
• Strong analytical and problem-solving skills with attention to detail
• Experienced in triaging and investigating security alerts across SIEM, EDR, and network platforms
• Skilled in correlating data from multiple sources to identify and escalate confirmed threats
• Proficient in supporting incident response efforts and conducting initial root cause analysis
• Strong understanding of threat intelligence and its application in operational workflows
• Effective communicator with the ability to document investigations clearly and collaborate across teams
• Committed to continuous learning and development in threat detection and response
• Analytical thinker with a proactive approach to identifying and mitigating risks
• Reliable team player in a 24/7 SOC environment, contributing to operational excellence