Job Description

Job Description:

We are seeking a skilled and proactive Cyber Defense Incident Responder (L2) to join our Cybersecurity Operations Center in Greensboro, NC. In this role, you will lead and support cyber monitoring, incident response operations, threat detection, and response activities. This is a highly technical role requiring expertise in network and host-based analysis, automation, and security content development.

Key Responsibilities:

• Execute daily cybersecurity monitoring and incident response operations as per playbooks and checklists.
• Analyze logs, alerts, and vulnerability data; escalate incidents; and follow up on resolution status.
• Collaborate with internal teams and external partners for coordinated incident response.
• Develop and fine-tune detection content, including signatures, rulesets, filters, and alert logic.
• Maintain and enhance automation tools and custom scripts for incident analysis and detection.
• Organize and document detection capabilities, rule configurations, policies, and operational procedures.
• Perform threat intelligence-driven detection and analysis, including IOCs and TTPs.
• Stay current with emerging threats, security advisories, and trends to improve security posture.
• Assist with continuous improvement of the Security Operations Center's processes and capabilities.

Required Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related technical field
• (OR)
• 3–6 years of relevant IT experience with a minimum of 2–4 years in information security or security operations.
• Technical Skills:
• Proficiency in Intrusion Detection Systems (IDS), NetFlow analysis, and log correlation.
• Experience developing and tuning security detection content (e.g., SIEM rules, YARA, Snort/Suricata signatures).
• Strong understanding of Network Security Monitoring (NSM) principles.
• Ability to analyze network traffic, logs, and endpoint data to validate and triage security incidents.
• Familiarity with security tools (e.g., Splunk, Wireshark, Zeek, Elastic Stack).
• Scripting or programming skills for automating detection and analysis (Python, PowerShell, etc.).
• Experience with vulnerability management and threat intelligence applications

Job Tags

Similar Jobs