Cybersecurity Tier 2

Posted:
12/1/2025, 11:51:38 PM

Experience Level(s):
Junior ⋅ Mid Level

Field(s):
IT & Security

Workplace Type:
On-site

JOB DESCRIPTION

Cyber Security Analyst is responsible for the real-time identification and alerting of information security events that pose an immediate risk to Sysco’s employees, customers, suppliers, shareholders, partners, or business operations.

Requirements

Cybersecurity SOC Tier 2 analyst must be able to do the following:
Correlate threat data from various sources to establish the threat/impact against the network.
After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.
Remediation actions and apply lessons learned to security incident investigation and resolution
Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure
Develop processes which analyzes data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases
Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center
Create custom tool content to enhance capabilities of security operations teams
Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure
Provide support to Security Incident Management aligned with NIST standards

Technical writing experience

Standard Operating Procedures
Runbooks/Playbooks
Incident Response Plans
Support training develop with both analysts and tabletop exercises
Assist or lead the effort in Tool configuration and content creation

Qualifications:

2-4 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
Degree in Computer Science, Information Technology, or equivalent work experience
Experience supporting Cyber Security Operations in a large enterprise environment
Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution
Experience with SIEM & Log Management solution
Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics
CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications
At minimum there must be one active security certification
Work schedule: Wednesday to Saturday from 09:00 am to 07:00 pm.(according with the Daylight Saving)
Excellent communication skills in English (B2+ or higher) and ability to collaborate across functions and geographies.

Benefits:

Hybrid position with on-site presence required based on business needs. (Site: Ultra park II Lagunilla, Heredia)
Private Medical Insurance
Asociacion Solidarista
Life Insurance
Personal Day Off

Experience with one or more of the following tools:

Qradar SIEM/Cortex XSOAR
SentinelOne
Proofpoint Email
Azure Suite
Zscaler

Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available

Cybersecurity Tier 2

JOB DESCRIPTION

Cyber Security Analyst is responsible for the real-time identification and alerting of information security events that pose an immediate risk to Sysco’s employees, customers, suppliers, shareholders, partners, or business operations.

Cybersecurity SOC Tier 2 analyst must be able to do the following:

Correlate threat data from various sources to establish the threat/impact against the network.

After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.

Remediation actions and apply lessons learned to security incident investigation and resolution

Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure

Develop processes which analyzes data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases

Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center

Create custom tool content to enhance capabilities of security operations teams

Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure

Provide support to Security Incident Management aligned with NIST standards

Standard Operating Procedures

Runbooks/Playbooks

Incident Response Plans

Support training develop with both analysts and tabletop exercises

Assist or lead the effort in Tool configuration and content creation

2-4 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)

Degree in Computer Science, Information Technology, or equivalent work experience

Experience supporting Cyber Security Operations in a large enterprise environment

Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution

Experience with SIEM & Log Management solution

Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics

CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications

At minimum there must be one active security certification

Work schedule: Wednesday to Saturday from 09:00 am to 07:00 pm.(according with the Daylight Saving)

Excellent communication skills in English (B2+ or higher) and ability to collaborate across functions and geographies.

Hybrid position with on-site presence required based on business needs. (Site: Ultra park II Lagunilla, Heredia)

Private Medical Insurance

Asociacion Solidarista

Life Insurance

Personal Day Off

Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available

Sysco

Related Postings

Data/Information Mgt Analyst 2 - C10 - CHENNAI

Production Supervisor - 3rd Shift

Engineering Manager

ABAD Network Engineer **This position is located in Ramstein Air Base, Germany (International Assignment) *NO REMOTE WORK**

Sentinel (GBSD) - Staff Engineer Systems (Spec Eng) - 14894