Seneca Resources Company, LLC
Threat Management Specialist (Tier 2)
Seneca Resources Company, LLC, Morrisville, North Carolina, United States, 27560
Position Title: Threat Management Specialist – Tier 2 (SOC Analyst)
Location: Morrisville, NC
Clearance Requirements: Public Trust (required or eligible)
Position Status: Contract
Pay Rate: Competitive (based on experience)
Position Description:
We are seeking experienced Threat Management Specialists (Tier 2) to support a 24x7 Cyber Security Operations Center (CSOC). This role is ideal for senior SOC analysts who excel at deep-dive incident investigations , network traffic analysis , and advanced threat detection , and who are passionate about improving SOC efficiency through automation, AI, and machine learning .
Tier 2 Analysts perform advanced incident analysis by correlating data across network, endpoint, cloud, and email security platforms to determine impact on critical systems and data. Analysts follow established playbooks and SOPs , provide remediation guidance, and collaborate across security operations to enhance detection, response, and automation capabilities.
This role requires the ability to work independently , handle complex investigations, and contribute to continuous SOC modernization efforts.
Shift Options Available:
Evening Shift: 3:30 PM – 11:30 PM ET (Days off: Tuesday & Wednesday)
Overnight Shift: 11:30 PM – 7:30 AM ET (Days off: Saturday & Sunday)
Key Responsibilities:
Perform Tier 2 incident analysis by correlating alerts, logs, and telemetry from multiple security platforms
Analyze network traffic to identify exploits, intrusions, and malicious activity
Assess impact to critical systems and sensitive data during security incidents
Execute incident response activities in accordance with SOC playbooks and SOPs
Escalate complex or high-risk incidents to senior threat management resources as needed
Provide subject matter expertise on network-based attacks, IDS/IPS technologies, and intrusion methodologies
Recommend and enhance detection mechanisms for exploit and intrusion attempts
Monitor, investigate, and respond to alerts across:
Splunk
Proofpoint (email security)
Cisco FirePower
SentinelOne
Microsoft Defender (Endpoint, XDR, Office 365, Cloud Apps)
Azure Entra ID
Google Cloud Security Command Center (SCC)
Perform threat intelligence analysis to assess risk and adapt defensive controls
Tune security policies and improve visibility across cloud and endpoint environments
Identify and support SOC automation and SOAR use cases
Leverage AI/ML-based tools to enhance anomaly detection, incident triage, and threat intelligence
Stay current on emerging threats, adversary techniques, and AI/ML advancements in cybersecurity
Collaborate with cross-functional teams to improve SOC processes, tooling, and response effectiveness
Required Skills / Education:
Experience & Technical Skills:
8–12 years of relevant cybersecurity or IT security experience
Minimum 3+ years in IT security or SOC operations
2+ years of hands‑on network traffic analysis
Strong knowledge of:
TCP/IP fundamentals
Network-level exploits and attack techniques
Threat management and incident response
Boolean logic
In-depth experience with IDS/IPS technologies , including:
Signature-based and anomaly-based detection
IDS/IPS architecture, tuning, and content creation
Hands‑on experience with SIEM, EDR, and email security platforms
Experience securing cloud environments (AWS, Azure, and/or GCP)
Exposure to or hands‑on experience with SOAR platforms and security automation
Working knowledge of AI/ML applications in cybersecurity , such as:
Anomaly detection
Behavioral analysis
Automated incident triage
Threat intelligence enrichment
Strong analytical, documentation, and communication skills
Ability to work independently in an off‑hours SOC environment
Education & Certifications:
Bachelor’s degree from an accredited college or university in a related field
If degree is not security‑related, four (4) additional years of relevant experience may be substituted
One or more preferred certifications:
CISSP
GCED
GSEC
SSCP
About Seneca Resources
At Seneca Resources, we are more than just a staffing and consulting firm, we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact.
When you work with Seneca, you’re choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way.
Seneca Resources is proud to be an Equal Opportunity Employer, committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.
#J-18808-Ljbffr
Location: Morrisville, NC
Clearance Requirements: Public Trust (required or eligible)
Position Status: Contract
Pay Rate: Competitive (based on experience)
Position Description:
We are seeking experienced Threat Management Specialists (Tier 2) to support a 24x7 Cyber Security Operations Center (CSOC). This role is ideal for senior SOC analysts who excel at deep-dive incident investigations , network traffic analysis , and advanced threat detection , and who are passionate about improving SOC efficiency through automation, AI, and machine learning .
Tier 2 Analysts perform advanced incident analysis by correlating data across network, endpoint, cloud, and email security platforms to determine impact on critical systems and data. Analysts follow established playbooks and SOPs , provide remediation guidance, and collaborate across security operations to enhance detection, response, and automation capabilities.
This role requires the ability to work independently , handle complex investigations, and contribute to continuous SOC modernization efforts.
Shift Options Available:
Evening Shift: 3:30 PM – 11:30 PM ET (Days off: Tuesday & Wednesday)
Overnight Shift: 11:30 PM – 7:30 AM ET (Days off: Saturday & Sunday)
Key Responsibilities:
Perform Tier 2 incident analysis by correlating alerts, logs, and telemetry from multiple security platforms
Analyze network traffic to identify exploits, intrusions, and malicious activity
Assess impact to critical systems and sensitive data during security incidents
Execute incident response activities in accordance with SOC playbooks and SOPs
Escalate complex or high-risk incidents to senior threat management resources as needed
Provide subject matter expertise on network-based attacks, IDS/IPS technologies, and intrusion methodologies
Recommend and enhance detection mechanisms for exploit and intrusion attempts
Monitor, investigate, and respond to alerts across:
Splunk
Proofpoint (email security)
Cisco FirePower
SentinelOne
Microsoft Defender (Endpoint, XDR, Office 365, Cloud Apps)
Azure Entra ID
Google Cloud Security Command Center (SCC)
Perform threat intelligence analysis to assess risk and adapt defensive controls
Tune security policies and improve visibility across cloud and endpoint environments
Identify and support SOC automation and SOAR use cases
Leverage AI/ML-based tools to enhance anomaly detection, incident triage, and threat intelligence
Stay current on emerging threats, adversary techniques, and AI/ML advancements in cybersecurity
Collaborate with cross-functional teams to improve SOC processes, tooling, and response effectiveness
Required Skills / Education:
Experience & Technical Skills:
8–12 years of relevant cybersecurity or IT security experience
Minimum 3+ years in IT security or SOC operations
2+ years of hands‑on network traffic analysis
Strong knowledge of:
TCP/IP fundamentals
Network-level exploits and attack techniques
Threat management and incident response
Boolean logic
In-depth experience with IDS/IPS technologies , including:
Signature-based and anomaly-based detection
IDS/IPS architecture, tuning, and content creation
Hands‑on experience with SIEM, EDR, and email security platforms
Experience securing cloud environments (AWS, Azure, and/or GCP)
Exposure to or hands‑on experience with SOAR platforms and security automation
Working knowledge of AI/ML applications in cybersecurity , such as:
Anomaly detection
Behavioral analysis
Automated incident triage
Threat intelligence enrichment
Strong analytical, documentation, and communication skills
Ability to work independently in an off‑hours SOC environment
Education & Certifications:
Bachelor’s degree from an accredited college or university in a related field
If degree is not security‑related, four (4) additional years of relevant experience may be substituted
One or more preferred certifications:
CISSP
GCED
GSEC
SSCP
About Seneca Resources
At Seneca Resources, we are more than just a staffing and consulting firm, we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact.
When you work with Seneca, you’re choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way.
Seneca Resources is proud to be an Equal Opportunity Employer, committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.
#J-18808-Ljbffr