Job Description
A SOC Analyst II job in Cincinnati, OH is currently available at Belcan. This is a fulltime, direct position with benefits. This position will be primarily responsible for maintaining and enhancing an operating environment consisting of security technologies. You will collaborate with Tier 1 analysts, senior engineers, and other security team members to investigate escalated incidents, continuously improve visibility, detect and prevent threats, and provide in-depth reporting to protect Belcan Customer IP, Belcan Employee data, and support both IT and Regulatory Initiatives.
Job Duties:
- Perform advanced investigation and analysis of escalated security incidents from Tier 1 analysts, including complex malware, phishing, insider threats, and advanced persistent threats (APTs).
- Lead and coordinate incident response efforts through all phases.
- Utilize Security Information and Event Monitoring (SIEM) and UEBA tools to conduct in-depth log analysis, correlate events, and identify suspicious patterns or anomalies.
- Proactively hunt for threats by identifying patterns and indicators of compromise (IOCs) using SIEM, EDR, and other tools.
- Security Tool Tuning: Collaborate with engineering teams to tune and optimize security tools (SIEM, EDR, DLP) to reduce false positives and improve detection capabilities.
- Conduct forensic investigations, including file analysis to determine the scope and impact of incidents.
- Collaborate with GRC team to prioritize and track resolution of vulnerabilities.
- Create detailed incident reports, including analysis and recommendations. Contribute to playbooks, processes, and knowledge base documentation.
- Work closely with Tier 1 analysts, providing guidance and mentorship, and assisting with skill development and knowledge sharing.
- Identify areas for security improvement and collaborate with cross-functional teams to enhance security posture.
Required Qualifications:
- Proven experience handling escalated security incidents and performing in-depth investigations.
- Proficiency in analyzing logs, correlating events, and creating custom queries/rules in SIEM and EDR platforms.
- Strong ability to perform TCP/IP packet analysis and conduct email investigations to detect and analyze phishing or malware attempts.
- Experience with Data Loss Prevention (DLP), file movement monitoring, and performing digital forensics investigations.
- Strong understanding of MITRE ATT&CK techniques and tactics, including mapping incidents to tactics and techniques.
- Familiarity with network concepts (firewalls, VPNs, routing/switching) and Windows/Linux system administration.
- Experience with scripting languages (e.g., Python, PowerShell) to automate repetitive tasks and improve efficiency.
- Strong written and verbal communication skills with the ability to collaborate with technical and non-technical teams.
- US citizenship is required.
Preferred Qualifications & Skills:
- Experience with SOAR platforms for automated response and playbook execution.
- Familiarity with Intrusion Detection and Prevention Systems (IDS/IPS).
- Experience with cloud security monitoring (e.g., Azure, AWS).
- Knowledge of identity and access management (IAM) concepts.
- Industry security certifications (GCIH, GCFA, CySA+, CISSP) preferred.
- Understanding of MITRE ATT&CK framework
We provide a competitive pay and benefits package. This position is offering a salary range of $80,000-$120,000. Belcan considers several factors when extending an offer, including but not limited to education, experience, geographic location, and discipline. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.'
As an employee with Belcan, you will be part of one of the largest engineering firms in the United States. We maintain a small-company atmosphere as well as open communication at all levels of our organization, allowing for much more dynamic decision-making processes. We offer flexible schedules as well as an excellent mentoring system to ensure that you have all the knowledge and tools you need to meet a diverse range of engineering challenges. You will also have opportunities to advance to positions of greater responsibility, including management roles. Your hard work and professional dedication will be rewarded with a competitive compensation package. Build a challenging and rewarding career with an industry leader!
We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, or membership in any other group protected by federal, state, or local laws.
Job Tags
Holiday work, Full time, Local area, Flexible hours,