SOC L2 Analyst

Posted:
10/1/2025, 3:35:34 PM

Location(s):
Kuala Lumpur, Malaysia

Experience Level(s):
Mid Level

Field(s):
IT & Security

Ensign is hiring!

Job Summary:

The Security Analyst Level 2 (L2) is responsible for investigating, analyzing, and responding to security events and incidents escalated from Level 1 analysts. This role requires a strong technical background, analytical thinking, and hands-on experience in threat detection, incident response, and security monitoring. The L2 analyst plays a critical role in containing threats and improving the organization’s security posture.
 

Key Responsibilities:

  • Triage and investigate escalated alerts from L1 analysts to determine the nature and severity of potential threats.
  • Perform in-depth analysis of network traffic, security logs, and system events.
  • Conduct malware analysis and forensic investigations as needed.
  • Document and escalate verified incidents to the Incident Response team.
  • Provide guidance and mentorship to L1 analysts.
  • Recommend and implement detection improvements and playbook enhancements.
  • Collaborate with other teams (IT, Threat Intel, IR) for comprehensive response efforts.
  • Participate in root cause analysis and post-incident reviews.
  • Continuously update knowledge on current threats and on tactics, techniques, and procedures (TTPs).

 

Requirements:

  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent work experience).
  • 3+ years of experience in a SOC or similar security role.
  • Strong understanding of security technologies: SIEM, IDS/IPS, firewalls, EDR, etc.
  • Experience with tools such as Splunk, Sentinel, QRadar, CrowdStrike, Carbon Black, or similar.
  • Familiarity with MITRE ATT&CK framework, NIST, and incident handling frameworks.
  • Ability to analyze logs, packets, and indicators of compromise (IOCs).
  • Solid problem-solving and communication skills.
  • Relevant certifications (e.g., CompTIA Security+, CySA+, GCIA, GCIH, or equivalent) are a plus.

Ensign Infosecurity Pte. Ltd

Website: https://ensigninfosecurity.com/

Headquarters Location: Singapore, Central Region, Singapore

Employee Count: 501-1000

Year Founded: 2018

IPO Status: Private

Industries: Cloud Security ⋅ Consulting ⋅ Cyber Security ⋅ Identity Management ⋅ Information and Communications Technology (ICT) ⋅ Information Technology ⋅ Internet ⋅ Network Security ⋅ Penetration Testing ⋅ Professional Services