L2 SOC Analyst

Job Title: L2 SOC Analyst Pay Type: SALARIED EXEMPT Location: Remote US Citizenship Required Summary of Position Role/Responsibilities Quzara, a leading Cyber Security Firm, is seeking a highly skilled and experienced L2 SOC Analyst to join our Security Operations Center (SOC). This fully remote role is critical to our mission of protecting our clients from cybersecurity threats. The L2 SOC Analyst will be responsible for monitoring and analyzing security events, identifying and investigating potential security threats, and responding to security incidents. The ideal candidate will have a deep understanding of cybersecurity technologies, threat intelligence, and incident response procedures, with a strong background in using Microsoft security technologies and tools. Essential Functions of the Job • Monitor and analyze security events utilizing advanced security technologies and tools such as Microsoft Sentinel, Defender technologies, and Log Analytics. • Apply deep threat intelligence to identify, investigate, and assess potential security threats. • Perform incident response activities end-to-end, including triage, containment, eradication, recovery, and documentation. • Use strong proficiency in both KQL (Kusto Query Language) and SPL (Search Processing Language) to conduct investigations, threat hunting, and security analytics. • Respond to security incidents in real time, escalating when necessary, based on severity and impact. • Collaborate with internal teams to resolve incidents and enhance overall security posture through lessons learned and process improvements. • Participate in forensic investigations, log analysis, packet analysis, and endpoint forensics following NIST Incident Response guidelines. • Conduct threat hunting leveraging frameworks such as MITRE ATT&CK. • Identify trends, anomalies, and recurring issues to continuously improve SOC operations. • Communicate incident findings, risk assessments, and recommendations to SOC leadership and relevant stakeholders. • Willingness and capability to work in a 24/7 SOC environment. • Experience working in government or highly regulated environments. • Proficient in implementing and utilizing Microsoft Sentinel for SIEM/SOAR operations, automation, and incident response. Marginal Functions of the Job • Other duties as assigned Normal Work Schedule: While standard business hours are Monday to Friday, 8:30 AM to 5:30 PM, this full-time position is based in our 24/7 Security Operations Center. You will be assigned a shift, participate in an on-call rotation, and may work nights, weekends, holidays, and/or rotate as needed. Education, Training, and Experience • Minimum 5+ years of experience as a SOC Analyst within a SOC/MXDR or MSSP environment, performing L2-level responsibilities. • Strong hands-on incident response experience. • Experience with Microsoft Sentinel, Microsoft Defender XDR, Splunk, and modern EDR technologies (such as CrowdStrike, SentinelOne, Carbon Black, etc.). • Strong understanding of networking technologies, security best practices, and IR procedures. • Experience with threat intelligence, threat hunting, and advanced detection techniques. • Advanced proficiency with KQL and SPL queries. • Strong analytical, investigative, and problem-solving skills. • Strong verbal and written communication abilities. • Experience working in government, DoD, or regulated environments preferred. • Familiarity with NIST Incident Response Framework and operational compliance requirements. • Experience in packet analysis, log analysis, and endpoint forensics. • Experience with scripting languages such as Python, PowerShell, or JavaScript. • Relevant cybersecurity certifications required or strongly preferred, such as: • GCIA, GCED, GCIH, GCFA, GNFA • CEH, CySA+, PenTest+ • AZ-500, SC-200, SC-300 • Security+, CASP+ • (or equivalent IR/SOC-focused certifications) EEO Statement The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws. Shift Options • Sunday–Wednesday: 7:00 PM – 5:00 AM EST • Wednesday–Sunday: 7:00 PM – 5:00 AM EST Apply tot his job