Security Operations Center Analyst


Date: Sep 23, 2022
City: San Diego, CA
Contract type: Full time
S2 eliminates risks of separate red- and blue-teams by creating continuously optimized cybersecurity for the modern, constant-threat landscape. Our centralized adversary simulation, detection and response platform, Mage, uses advanced tradecraft to provide continuous red team-as-a-service. With Mage, we find weaknesses before adversaries do, so that every threat is an opportunity for improvement. Deployed as-a-service, S2 makes advanced real-time cybersecurity accessible for all organizations. With smart automation and continuous testing, we help you focus on the most imminent and most critical risks to your enterprise.

S2 is a Small Business that is focused solely on cybersecurity and specializes in Adversary Simulation, Protection and Prevention services. We were founded by cybersecurity experts trained by the National Security Agency (NSA) who were joined by senior cybersecurity entrepreneurs with proven expertise within the Federal Government. We are a growing community of cyber professionals seeking like-minded individuals who are passionate about cybersecurity, seek innovation in our everyday work, hold ourselves and those around us accountable, and have a will to win.

S2. Relentlessly secure.

Stage 2 Security (S2) is seeking a SOC Analyst who monitors the organization\'s entry channels to ensure the business is safeguarded against internal and external threats. They function both reactively and proactively and help bolster security processes, procedures, and policies. Additionally, the Information Security Analyst III assists with/conducts routine audits, performs risk assessments, and plays a key role in incident response situations. The SOC Analyst is an active collaborator and an effective communicator. They find gaps, solve problems, thrive under pressure, and have an unrelenting drive to achieve and maintain optimal levels of security.


Helps Entry/Junior analysts with security events from the various Security Operations Center (SOC) entry channels (SIEM, Tickets, Email, and Phone) and runs the incident if necessary. Collaborates with other seniors / TLM if necessary to perform further investigation and resolution.

Recommends enhancements to SOC security process, procedures, and policies.
Performs network security monitoring and incident response; maintains records of security monitoring and incident response activities

Conducts security assessments of IT infrastructure, enterprise applications, and production systems.

Performs vulnerability scans, analysis, reporting and subsequent remediation actions.

Performs weekly auditing/monitoring activities for anomalous or security relevant events.

Assists with monitoring and testing the deployment of security infrastructure to ensure it\'s full deployment and effectiveness.
Investigates, triages and assists in the containment of all potential cybersecurity incidents.

Conducts 3rd-party vendor risks assessments.

Monitors and analyzes Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Security Information and Event Management (SIEM).

Creates, modifies, and updates IDS, IPS, and SIEM rules.

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

Efficiently and effectively evaluates and deconstructs malware.

Consolidates and analyzes large sets of data in order to discover indications of compromise (Threat Hunting).

Assists with implementation of counter-measures or mitigating controls.

Creates and maintains Playbooks, and undertakes automation building (XSOAR).

Establishes and maintains strong working relationships across the organization.

Minimum Requirements:

3-5 years previous Security Operations Center experience (preferred) or 2-3 years Security Engineering experience with previous SOC experience.

Experience in conducting security investigations

Working knowledge of multiple operating systems and system administration skills (Windows, OSX, Linux)

Strong knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, EDR

Demonstrated understanding of security incident management, malware management and vulnerability management processes

Experience with web content filtering technology, policy engineering, and troubleshooting

Strong working knowledge of operating systems and network security principles (i.e. TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP)

Prior experience working with vulnerability scanning tools.

Past experience using industry standard or open source vulnerability scanning or security patching tools.

Strong working knowledge and experience with access control systems like Single Sign On (SSO), Active Directory and other IAM systems.

Demonstrated experience using Security Orchestration, Automation, and Response (SOAR) tools (Dimesto, Phantom, InsightConnect)

Well developed skills that enable effective risk and issue detection, assessment and resolution.

S2 is a small business where people come first, and we know and care about each and every employee. This drives us to provide the best possible benefits and we believe that the benefits we offer are a notch above the rest.

The Benefits at S2 include:
  • Medical & dental insurance premiums are 100% paid by S2 for the employee and eligible dependents
Up to $100 per month reimbursed for mobile phone expenses

Up to $50 per month reimbursed for home Internet access

Expenses paid for approved work-related trainings & conferences

Eligibility to participate in our 401k program after 90 days of employment

Competitive salary, which is paid semi-weekly (twice per month)

Participation in S2 Unlimited PTO Program

11 paid government holidays annually

10 paid sick days

Stage 2 Security welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.

If you are looking to make an impact, Stage 2 Security is the place for you.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume