The Security Operations Center (SOC) Analyst II provides support to One Source’s Managed Security Services customers.  The SOC Analyst II should have a background and general experience within Information Technology, and an intermediate knowledge of cyber security practices. The SOC Analyst II should also have a thirst for knowledge and an ability to tackle new problems quickly by using available security tools to successfully remedy issues with minimal supervision from the Senior SOC Analyst and/or SOC Manager. This role focuses primarily on security analysis (escalations and investigations), while also handling basic security engineering tasks (systems, upgrades, reporting, maintenance, etc). 

• Intermediate knowledge of security concepts including, but not limited to, general security concepts, threats and vulnerabilities, digital forensics, threat hunting, incident response, security architecture, mitigation techniques, etc. 
• Intermediate knowledge of security tools and controls including, but not limited to, EDR, Network Security, Email Security, SIEM, SOAR, ITSM software, etc.  
• Monitors and investigates security alerts generated from various security tools and controls deployed in the customer’s environment to determine affected systems and extent of attack 
• Identifies threats in the customers environment and conducts analysis and investigations to determine type of attacks and data or systems impacted 
• Handles security alerts identified and escalated by SOC Analyst I to determine when escalation is required and successfully engages Senior SOC Analyst and/or SOC Manager  
• Identifies and handles customer issues and presents them to Senior SOC Analysts and/or SOC Manager clearly and consisely for timely resolution 
• Possesses verbal and written communication skills for daily interactions with customers and fellow team members/coworkers  
• Bachelors degree in related field preferred but not required 
• CompTIA CySA+ Certification (or similar) preferred but not required (ability to obtain within first 12 months) 
• Ability to work any assigned shift within 24x7x365 SOC  
• 3-5 years of security experience required 

Documentation Repository:  

• Identify when Knowledge Base Articles (KBAs) are needed and assist with the development and maintenance of the KBA repository 
• Identify when SOC Playbooks are needed and assist with the development and maintenance of the SOC Playbook repository 
• Ability to complete any/all necessary SOC documentation as required or assigned by the SOC Manager 

Training/Continued Education: 

• Willingness and desire to stay updated on the current threat landscape by using multiple sources (e.g., articles, podcasts, etc.) 
• Ability to complete any/all training and certification requirements as assigned by the SOC Manager

Updated 3/20/2025