
Security Analyst (SOC Level 2)

AI-generated summary

This job is for a Security Analyst (SOC Level 2) who checks and investigates security alerts to keep the organization safe. You might like this job because you get to solve problems and improve security strategies while guiding junior analysts!

Undisclosed

Malaysia, Kuala Lumpur

Job Description

Ensign is hiring!

Job Summary:

The Security Analyst Level 2 (L2) is responsible for investigating, analyzing, and responding to security events and incidents escalated from Level 1 analysts. This role requires a strong technical background, analytical thinking, and hands-on experience in threat detection, incident response, and security monitoring. The L2 analyst plays a critical role in containing threats and improving the organization’s security posture.

Key Responsibilities:

  • Triage and investigate escalated alerts from L1 analysts to determine the nature and severity of potential threats.

  • Perform in-depth analysis of network traffic, security logs, and system events.

  • Conduct malware analysis and forensic investigations as needed.

  • Document and escalate verified incidents to the Incident Response team.

  • Provide guidance and mentorship to L1 analysts.

  • Recommend and implement detection improvements and playbook enhancements.

  • Collaborate with other teams (IT, Threat Intel, IR) for comprehensive response efforts.

  • Participate in root cause analysis and post-incident reviews.

  • Continuously update knowledge of current threats and their tactics, techniques, and procedures (TTPs).

Requirements:

  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent work experience).

  • 3+ years of experience in a SOC or similar security role.

  • Strong understanding of security technologies: SIEM, IDS/IPS, firewalls, EDR, etc.

  • Experience with tools such as Splunk, Sentinel, QRadar, CrowdStrike, Carbon Black, or similar.

  • Familiarity with MITRE ATT&CK framework, NIST, and incident handling frameworks.

  • Ability to analyze logs, packets, and indicators of compromise (IOCs).

  • Solid problem-solving and communication skills.

  • Relevant certifications (e.g., CompTIA Security+, CySA+, GCIA, GCIH, or equivalent) are a plus.

Company Benefits

Health Benefits

Medical insurance for employees and dependents.

On-Site Meals and Snacks

Ensiders are served free bento sets every Monday and Friday.

On-Site Fitness Centre

Sweat it out in our own indoor gym, within a few walking steps from your office space.

Teach@Ensign / Brown Bag Sessions

Dive deeper into a variety of topics at Ensign’s regular knowledge-sharing sessions, taught by Ensign’s very own staff.

E-Learning Platform

Expand your knowledge in a wide range of subjects including cloud, cyber, and other technology-related courses.

Company Profile

Ensign Infosecurity (Malaysia)

Ensign InfoSecurity, one of Asia’s largest pure play cyber security firms, formed as a result of a joint venture (JV) between Temasek and StarHub. Certis’s cyber security arm, Quann will be merged with StarHub’s Centre of Excellence and fully owned subsidiary, Accel Systems & Technologies Pte Ltd (ASTL). Quann, formerly known as e-Cop, is a Singapore-based cyber security services provider since 2000. The company...