SOC Analyst – Tier 2

Yesterday

Keeper Security, Inc.

Cybersecurity • Enterprise • SaaS

Keeper Security, Inc. is a leading cybersecurity company known for its comprehensive and AI-enabled platform designed to protect individuals and enterprises from data breaches and ransomware. Their wide array of products includes a password manager, privileged access manager, secrets manager, and remote browser isolation services, among others. They focus on zero-trust security models, offering solutions for password management, secrets management, secure remote access, and compliance. The company serves a global clientele, safeguarding millions of users, and is recognized for its strength and cost-efficiency in password and secrets management solutions.

201 - 500 employees

Founded 2011

📋 Description

• Lead end-to-end execution of complex DevOps and infrastructure programs, including performing in-depth triage and analysis of escalated alerts to determine scope, impact and root cause
• Lead response actions such as isolating hosts, revoking credentials or blocking network indicators
• Examine endpoint, network and cloud logs to reconstruct attack timelines and adversary behaviors
• Execute and enhance incident response playbooks, detection rules and escalation criteria
• Maintain operational command during assigned shifts, ensuring situational awareness, incident logging and proper shift handovers
• Conduct proactive threat hunting for suspicious activity and emerging indicators of compromise
• Validate data integrity from security tools (SIEM, EDR, IDS, etc.) and assist with tuning or integrations
• Partner with IT, DevSecOps and compliance teams to mitigate vulnerabilities and improve defenses
• Produce high-quality incident reports, lessons learned and recommendations for leadership

🎯 Requirements

• Bachelor’s degree in Cybersecurity, Computer Science or related field, or equivalent practical experience
• 2–4 years in a SOC, incident response or cyber defense role
• Experience with SIEM platforms (e.g., Splunk, Sumo Logic, Sentinel) and EDR technologies
• Strong understanding of MITRE ATT&CK, threat actor TTPs and multi-source log correlation
• Hands-on experience analyzing network traffic, endpoint behavior and cloud telemetry
• Familiarity with scripting for automation and analysis (Python, PowerShell or Bash)
• Strong written and verbal communication skills for incident reporting and coordination
• Certifications such as GCIA, GCIH, CySA+, CEH or equivalent (preferred)
• Experience with SOAR platforms, automation pipelines and threat intelligence enrichment (preferred)
• Familiarity with AWS Security Hub, GuardDuty or other cloud-native security services (preferred)
• Background in root cause analysis, purple-team exercises or tabletop simulations (preferred)
• Experience supporting regulated environments (SOC 2, FedRAMP, ISO 27001, etc.) (preferred)

🏖️ Benefits

• Medical, Dental & Vision (inclusive of domestic partnerships)
• Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
• Voluntary Short/Long Term Disability Insurance
• 401K (Roth/Traditional)
• A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)
• Above market annual bonuses
