• Security Operations Center Specialist Level 2

    Modern Office Methods, Cincinnati, OH 45242

    Job #2752228349

  • OVERVIEW & PURPOSE

    Obviam is national in scope, providing Cybersecurity Services for mid-sized to enterprise organizations including Commercial Business, Healthcare, Retail, Manufacturing, and Gov-Ed markets. We are seeking a highly skilled Security Operations Center Specialist, Level 2 with great client communication skills and an appetite to solve complex cybersecurity and information technology problems to join our IT Security Operations team.

    Job Summary:

    This is a fully remote role, supporting Eastern Standard Time (EST) for night shift hours 7pm to 7am EST. The ideal candidate will have a moderate background in Security Operations Centers (SOC) and incident response, with experience in using SOAR, SIEM, and security monitoring tools for detections and investigations. Excellent communication skills and the ability to collaborate effectively with cross-functional teams are essential. At Obviam, we believe a good analyst is the backbone of an effective security organization, using all available resources to identify security threats and vulnerabilities.

    As a candidate for this role, you will work as a member of a growing team, providing defense against cyber-attacks and playing a vital role in the monitoring, analysis and management of security events / incidents emanating from client networks and systems. As a part of Obviam’s 24x7x365 security operations center, this position will leverage creativity, technical acumen, and an eye for detail to ensure our clients’ networks, systems, and services are proactively managed.

    You thrive in working in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities. Your responsibilities include fine-tuning detection mechanisms, refining playbooks, and conducting thorough forensic analysis to identify root causes and mitigate future risks. Additionally, you will contribute to continuous improvement initiatives by providing insights and recommendations based on your findings.

    This role requires willingness to work shifts (including unsociable hours and bank holidays where these fall into your shift pattern) as part of a 24x7 team.

    ESSENTIAL FUNCTIONS

    1. Responsible for incident response work including reviewing events, identifying false positives vs. real threats, identifying host involvement, comparing scan results, reviewing logs, and prioritizing incidents/events. Helps to solve Tier I & II incidents and events, with the ability to escalate where needed.

    2. Moderate understanding of incident investigation, handling and response, including incident documentation.

    3. Leverage threat hunting by tracking common and novel techniques, tactics, Indicators of Compromise (IOCs), and applying measures for detected threats.

    4. Utilize custom Indicators of Attack (IOAs) and XDR SOAR workflows for automated response and remediation.

    5. Perform incident detection, response & remediation, threat hunting, digital forensics, and configure alerting rules.

    6. Monitor and review advanced threat events, Security Incident and Event Management (SIEM), User Behavior Analytics (UBA) and Endpoint Detection and Response (EDR) toolsets and event logs to identify security indicators of compromise, attacks, and threats for remediation and / or suppression.

    7. Coordinate with other specialists, analysts, and stakeholders to promptly escalate and respond to security incidents.

    8. Generate and provide scheduled and as-needed reports and recommendations to team, management, and clients regarding monitored security status, incident response, network management, etc.

    9. Assist in training and mentoring junior specialists, sharing knowledge and best practices.

    10. Provide recommendations for security improvements, including hardening and content blocking.

    11. Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements.

    12. Proven proficiency in self-management within a team.

    COMPETENCIES

    1. Experience with monitoring and initial incident triage processes.

    2. Experience with modern aiSIEM and event aggregation tools, such as CrowdStrike, Splunk, Arctic Wolf, AlienVault, or Seceon.

    3. Experience with SOAR platforms and capabilities.

    4. Moderate analytical skills and the ability to work under pressure.

    5. Excellent communication and interpersonal skills to interact with team members, management, and external entities effectively.

    6. Familiarity with frameworks such as PCI, NIST, CIS, CMMC, MITRE ATT&CK, and ISO 27001, which guide security practices and incident response.

    7. Willingness to work in shifts, including nights, weekends, and holidays, as SOC operations are 24x7x365.

    SUPERVISORY RESPONSIBILITY

    This person does not have any supervisory responsibility.

    WORK ENVIRONMENT

    The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

    This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, MFDs, fax machines, software, and calculators.

    PHYSICAL DEMANDS

    The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

    While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand and walk. The employee is occasionally required to sit; use hands to finger, handle, or feel; reach with hands and arms; and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.

    POSITION TYPE & EXPECTED HOURS OF WORK

    NON-EXEMPT

    This is a full-time, hourly position with after-hours, 12-hour shifts.

    TRAVEL

    No travel is expected for this position.

    REQUIRED EDUCATION & EXPERIENCE

    • Education: Associate’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

    • Certifications: Must possess at least one of the following certifications: Security+ (SEC+), Certified SOC Analyst (CSA), or equivalent.

    OTHER DUTIES

    Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

    EQUAL OPPORTUNITY EMPLOYER

    Obviam provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.




    PI34f5acfa56c5-~~~8