Posted Jul 13, 2026

Tier 2 Security Analyst Remote

Apply for this Position →
Job Title: Security Analyst Location: Remote (Columbia, SC 29212) Job Type: Contract - 12 Months (Possibility of extension) Interview: In person/Virtual Scope of the project: This role will focus on supporting security monitoring, threat detection, security incident response, and security investigations. Daily Duties / Responsibilities: • Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and threat intelligence sources to identify complex attack patterns, emerging threats, and security incidents. • Perform deep-dive analysis of suspicious activity, validate incidents, determine root cause and impact, and escalate critical incidents with detailed context to Tier 3 as required. • Create detailed incident reports, timelines, and post-incident summaries; contribute to lessons-learned documentation and recommendations for remediation and preventative measures. • Investigate user-reported phishing, malware infections, and potential policy violations; advise users and internal/external teams on containment and recovery actions. • Recommend updates to SOC playbooks and workflows based on real-world INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to reduce false positives and improve threat coverage. • Collaborate with engineering teams to ensure monitoring tools are properly configured and tuned. Integrate new threat intelligence feeds into workflows and proactively hunt for threats using up-to date tactics, techniques, and procedures (TTPs) • Serve as a customer-facing SME, "selling" the value of DIS services by demonstrating capabilities and resolving issues. • Document processes, runbooks, and troubleshooting steps related to SOC operations. • Coordinate with engineering, SOC, and agency staff as needed to meet goals. Required Skills (rank in order of Importance): • 2+ Years of Experience with Security Monitoring and Incident Response. • 2+ Years of Experience with MITRE ATT&CK framework. • 2+ Years of Experience with dashboard creation and reporting. Preferred Skills (rank in order of Importance): • Experience with the Palo Alto Cortex XSIAM/XDR platform. • Knowledge of Linux, network administration and network design. • Experience in administration of firewalls, VPN technology, Active Directory, Intrusion Detection/Prevention systems. Required Education/Certifications: • Associate's degree in an information technology or information security related field • Four years of relevant work experience may be substituted in lieu of education • Two years of experience in supporting large soc operations. Preferred Education/Certifications: • CISSP, CISA, CISO or equivalent advanced security certification. • Additional relevant certifications (e.g., CEH, OSCP, GPEN). • Vendor certifications related to information security.