{"id":917,"date":"2025-12-25T05:59:07","date_gmt":"2025-12-25T05:59:07","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=917"},"modified":"2025-12-25T05:59:10","modified_gmt":"2025-12-25T05:59:10","slug":"l2-soc-analyst-quzara-remote","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/l2-soc-analyst-quzara-remote\/","title":{"rendered":"L2 SOC Analyst \u2013 Quzara (Remote)"},"content":{"rendered":"\n<p>\u200bQuzara is a specialized cybersecurity firm that focuses heavily on government, DoD, and highly regulated environments. This <strong>L2 (Tier 2) SOC Analyst<\/strong> role is a technical escalation point within a <strong>24\/7\/365 Security Operations Center<\/strong>. As an L2, you are expected to move beyond simple alert monitoring into deep-dive forensic analysis, proactive threat hunting, and end-to-end incident handling using the <strong>Microsoft Security Stack<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Requisition ID:<\/strong> 1044<\/li>\n\n\n\n<li>\u200b<strong>Location:<\/strong> 100% Remote (US Citizenship Required)<\/li>\n\n\n\n<li>\u200b<strong>Experience Required:<\/strong> 5+ years in a SOC\/MSSP\/MXDR environment.<\/li>\n\n\n\n<li>\u200b<strong>Core Technology:<\/strong> Microsoft Sentinel (SIEM), Defender XDR, Splunk, and KQL\/SPL.<\/li>\n\n\n\n<li>\u200b<strong>Shift Work:<\/strong> Required (24\/7 environment including nights, weekends, and holidays).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bKey Responsibilities: Advanced Detection &amp; Response<\/h2>\n\n\n\n<p>\u200bThis role bridges the gap between initial triage and high-level security engineering, requiring a practitioner who can handle &#8220;real-time&#8221; pressure.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bMicrosoft Sentinel &amp; XDR Operations<\/h3>\n\n\n\n<p>\u200bYou will be a power user of <strong>Microsoft Sentinel<\/strong> and the <strong>Defender<\/strong> suite. This includes utilizing <strong>Log Analytics<\/strong> and writing complex <strong>KQL (Kusto Query Language)<\/strong> and <strong>SPL<\/strong> queries to perform security analytics. You are responsible for implementing SIEM\/SOAR automations that help the SOC scale its response capabilities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bEnd-to-End Incident Response<\/h3>\n\n\n\n<p>\u200bFollowing the <strong>NIST Incident Response Framework<\/strong>, you will own the lifecycle of an incident. This includes containment (isolating a host), eradication (removing the threat), and recovery. You will also participate in deeper forensic tasks such as <strong>packet analysis<\/strong>, log correlation across disparate sources, and <strong>endpoint forensics<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bThreat Hunting &amp; MITRE Mapping<\/h3>\n\n\n\n<p>\u200bYou will conduct proactive threat hunts to identify anomalies that automated alerts might miss. These hunts are structured using the <strong>MITRE ATT&amp;CK Framework<\/strong>, ensuring that the SOC is looking for specific adversary behaviors like lateral movement or credential dumping rather than just known malware hashes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bRequired Qualifications and Skills<\/h2>\n\n\n\n<p>\u200bQuzara seeks a &#8220;Battle-Tested&#8221; analyst who understands the rigors of regulated and government-sector security operations.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Experience:<\/strong> <strong>5+ years<\/strong> of professional experience as an L2 SOC Analyst.<\/li>\n\n\n\n<li>\u200b<strong>Query Proficiency:<\/strong> Expert-level <strong>KQL and SPL<\/strong> skills are mandatory for investigation and hunting.<\/li>\n\n\n\n<li>\u200b<strong>Technical Breadth:<\/strong> Strong hands-on experience with EDRs (CrowdStrike, SentinelOne) and scripting languages (<strong>Python, PowerShell<\/strong>).<\/li>\n\n\n\n<li>\u200b<strong>Compliance Knowledge:<\/strong> Experience with <strong>DoD, FedRAMP, or CJIS<\/strong> requirements and NIST-based operational compliance.<\/li>\n\n\n\n<li>\u200b<strong>Education &amp; Certs:<\/strong> A relevant degree is expected, alongside certifications such as <strong>GCIH, GCFA, SC-200 (Microsoft Security Operations Analyst), or CySA+<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bSummary of Role Impact<\/h2>\n\n\n\n<p>\u200bAt Quzara, L2 Analysts are the &#8220;defensive backbone.&#8221; Because the firm handles government and regulated clients, the stakes for every incident are incredibly high. Your ability to distinguish a complex &#8220;low-and-slow&#8221; attack from a false positive ensures that critical national infrastructure and sensitive data remain protected. By refining playbooks and conducting post-incident reviews, you directly improve the security posture of both Quzara and its global client base.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u200bQuzara is a specialized cybersecurity firm that focuses heavily on government, DoD, and highly regulated environments. This L2 (Tier 2) SOC Analyst role is a technical escalation point within a 24\/7\/365 Security Operations Center. As an L2, you are expected to move beyond simple alert monitoring into deep-dive forensic analysis, proactive threat hunting, and end-to-end [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[648,44,45],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[1261,3177,4147,2158,2159,1938,1252,4109,81,3178],"class_list":["post-917","jobpost","type-jobpost","status-publish","hentry","jobpost_category-information-technology","jobpost_category-security","jobpost_category-software-engineering","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-incident-response","jobpost_tag-kql","jobpost_tag-l2-soc-analyst","jobpost_tag-microsoft-defender","jobpost_tag-microsoft-sentinel","jobpost_tag-mitre-attck","jobpost_tag-nist","jobpost_tag-quzara","jobpost_tag-remote","jobpost_tag-threat-hunting"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=917"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=917"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=917"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=917"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}