Jul 9, 2026

Cybersecurity Engineer – Level 2

Apply Now →
Job Description: • Monitor and triage security alerts generated by SIEM, EDR, and security monitoring tools • Investigate security incidents including phishing, malware, endpoint compromise, and unauthorized access • Perform root-cause analysis and document incident findings and remediation actions • Tune SIEM detection rules, alerts, and dashboards to reduce false positives and improve fidelity • Conduct threat hunting activities using logs from endpoints, networks, cloud platforms, and identity providers • Respond to security incidents in accordance with established incident response playbooks and SLAs • Escalate complex or high-risk incidents to Level 3 or Incident Response teams with detailed context and evidence • Assist with vulnerability management findings and validation of remediation • Support log ingestion, parsing, normalization, and retention requirements for SIEM platforms • Maintain accurate case notes, incident reports, and security documentation • Collaborate with IT, engineering, and security teams to improve overall security posture Requirements: • 2+ years of hands-on experience in a SOC, cybersecurity, or security operations role • Practical experience working with SIEM platforms (Splunk, Microsoft Sentinel, LogRhythm, QRadar, Elastic) • Experience analyzing logs from endpoints, firewalls, IDS/IPS, cloud, and identity systems • Familiarity with EDR tools (CrowdStrike, SentinelOne, Microsoft Defender, Datto EDR) • Understanding of the incident response lifecycle and security alert triage • Working knowledge of common attack techniques and indicators of compromise (IOCs) • Experience with the MITRE ATT&CK framework • Strong documentation and communication skills • Relevant certifications: Security+, CySA+, SC-200, Splunk Core Certified User Benefits: