Job Title: Security Operations Analyst – Level 2
Location: Cincinnati, OH
Come join us:
Vernovis is looking for a Level 2 Security Operations Analyst who will be primarily responsible for maintaining and enhancing our clients’ operating environment of security technologies. You will collaborate with Tier 1 analysts, senior engineers, and other security team members to investigate escalated incidents, continuously improve visibility, detect and prevent threats, and provide in-depth reporting to protect our clients’ customer IP and employee data and to support both IT and regulatory initiatives.
What You'll Do:
- Perform advanced investigation and analysis of escalated security incidents from Tier 1 analysts, including complex malware, phishing, insider threats, and advanced persistent threats (APTs).
- Lead and coordinate incident response efforts through all phases.
- Utilize Security Information and Event Management (SIEM) and UEBA tools to conduct in-depth log analysis, correlate events, and identify suspicious patterns or anomalies.
- Proactively hunt for threats by identifying patterns and indicators of compromise (IOCs) using SIEM, EDR, and other tools.
- Security Tool Tuning: Collaborate with engineering teams to tune and optimize security tools (SIEM, EDR, DLP) to reduce false positives and improve detection capabilities.
- Conduct forensic investigations, including file analysis, to determine the scope and impact of incidents.
- Collaborate with the GRC team to prioritize and track resolution of vulnerabilities.
- Create detailed incident reports, including analysis and recommendations. Contribute to playbooks, processes, and knowledge base documentation.
- Work closely with Tier 1 analysts, providing guidance and mentorship, and assisting with skill development and knowledge sharing.
- Identify areas for security improvement and collaborate with cross-functional teams to enhance security posture.
What You'll Have:
- Proven experience handling escalated security incidents and performing in-depth investigations.
- Proficiency in analyzing logs, correlating events, and creating custom queries/rules in SIEM and EDR platforms.
- Strong ability to perform TCP/IP packet analysis and conduct email investigations to detect and analyze phishing or malware attempts.
- Experience with Data Loss Prevention (DLP), file movement monitoring, and performing digital forensics investigations.
- Strong understanding of MITRE ATT&CK techniques and tactics, including mapping incidents to tactics and techniques.
- Familiarity with network concepts (firewalls, VPNs, routing/switching) and Windows/Linux system administration.
- Experience with scripting languages (e.g., Python, PowerShell) to automate repetitive tasks and improve efficiency.
- Strong written and verbal communication skills with the ability to collaborate with technical and non-technical teams.
- US citizenship is required.
Desired Qualifications:
- Experience with SOAR platforms for automated response and playbook execution.
- Familiarity with Intrusion Detection and Prevention Systems (IDS/IPS).
- Experience with cloud security monitoring (e.g., Azure, AWS).
- Knowledge of identity and access management (IAM) concepts.
- Industry security certifications (GCIH, GCFA, CySA+, CISSP) preferred.
- Understanding of the MITRE ATT&CK framework.
The Vernovis Difference:
Join our collaborative work environment so that we can all do our best work and learn from each other. Our core values fuel our decisions and guide our actions:
- Integrity – an uncompromising commitment to honesty and strong moral principles.
- Collaboration – a reliance on openness, knowledge sharing, focus and accountability to achieve shared goals.
- Extraordinary Service – a fundamental belief that we are in business to serve both clients and candidates in ways that exceed their expectations.
Vernovis does not accept inquiries from Corp to Corp recruiting companies. Applicants must be currently authorized to work in the United States on a full-time basis and not violate any immigration or discrimination laws.
Vernovis provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, national origin, age, citizenship, disability, veteran status, or any other protected status.