
Job Information
Belcan Services Group Ltd Partnership SOC Analyst II in Cincinnati, Ohio
Details: A SOC Analyst II job in Cincinnati, OH is currently available at Belcan. This is a full-time, direct position with benefits. This position will be primarily responsible for maintaining and enhancing an operating environment consisting of security technologies. You will collaborate with Tier 1 analysts, senior engineers, and other security team members to investigate escalated incidents, continuously improve visibility, detect and prevent threats, and provide in-depth reporting to protect Belcan Customer IP, Belcan Employee data, and support both IT and Regulatory Initiatives.

Job Duties:
* Perform advanced investigation and analysis of escalated security incidents from Tier 1 analysts, including complex malware, phishing, insider threats, and advanced persistent threats (APTs).
* Lead and coordinate incident response efforts through all phases.
* Utilize Security Information and Event Management (SIEM) and UEBA tools to conduct in-depth log analysis, correlate events, and identify suspicious patterns or anomalies.
* Proactively hunt for threats by identifying patterns and indicators of compromise (IOCs) using SIEM, EDR, and other tools.
* Security Tool Tuning: Collaborate with engineering teams to tune and optimize security tools (SIEM, EDR, DLP) to reduce false positives and improve detection capabilities.
* Conduct forensic investigations, including file analysis, to determine the scope and impact of incidents.
* Collaborate with the GRC team to prioritize and track resolution of vulnerabilities.
* Create detailed incident reports, including analysis and recommendations. Contribute to playbooks, processes, and knowledge base documentation.
* Work closely with Tier 1 analysts, providing guidance and mentorship, and assisting with skill development and knowledge sharing.
* Identify areas for security improvement and collaborate with cross-functional teams to enhance security posture.

Required Qualifications:
* Proven experience handling escalated security incidents and performing in-depth investigations.
* Proficiency in analyzing logs, correlating events, and creating custom queries/rules in SIEM and EDR platforms.
* Strong ability to perform TCP/IP packet analysis and conduct email investigations to detect and analyze phishing or malware attempts.
* Experience with Data Loss Prevention (DLP), file movement monitoring, and performing digital forensics investigations.
* Strong understanding of MITRE ATT&CK techniques and tactics, including mapping incidents to tactics and techniques.
* Familiarity with network concepts (firewalls, VPNs, routing/switching) and Windows/Linux system administration.
* Experience with scripting languages (e.g., Python, PowerShell) to automate repetitive tasks and improve efficiency.
* Strong written and verbal communication skills with the ability to collaborate with technical and non-technical teams.
* US citizenship is required.

Preferred Qualifications & Skills:
* Experience with SOAR platforms for automated response and playbook execution.
* Familiarity with Intrusion Detection and Prevention Systems (IDS/IPS).
* Experience with cloud security monitoring (e.g., Azure, AWS).
* Knowledge of identity and access management (IAM) concepts.
* Industry security certifications (GCIH, GCFA, CySA+, CISSP) preferred.
* Understanding of the MITRE ATT&CK framework.

We provide a competitive pay and benefits package. This position is offering a salary range of $80,000-$120,000. Belcan considers several factors when extending an offer, including but not limited to education, experience, geographic location, and discipline. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law. As an employee with Belcan, you will be part of one of the largest engineering fi