SOC Analyst T2 – Incident Responder

at Northern Technologies Group

Location: Tampa, FL, US (Onsite)
Salary: $80K – $90K USD / year
Posted: April 15, 2026
Type: Not Specified
Experience: mid
Exp. Years: minimum of 5 years of experience in a SOC environment
Education: related degree in IT or Cybersecurity, or equivalent Cybersecurity Certifications
Category: Cybersecurity

SOC Analyst T2 – Incident Responder is a Tier 2 technical leadership role in a 24x7 Security Operations Center. The position focuses on advanced threat analysis, incident response, and operating/optimizing SIEM and other security tools, especially Splunk, while mentoring junior analysts.

  • Perform advanced threat analysis and incident investigations
  • Conduct incident response plan execution during breaches
  • Operate and optimize SIEM and security tools (IDS/IPS, EDR, forensic tools)
  • Tune SIEM to improve detection and alerting
  • Lead Tier 2 case triage, escalation, and mentoring

You will investigate incidents using SIEM platforms (Splunk, Fortinet, Microsoft Sentinel) and support cross-platform tool operation across Microsoft Defender, Wazuh, and Elastic. The role includes SOC tool tuning for detection and alerting, performing case triage/escalation, and coordinating incident response plans using IDS/IPS, EDR, and forensic tooling.

The ideal candidate is a SOC Analyst T2/incident responder with 5+ years of SOC experience and strong advanced threat analysis skills. They can operate and tune SIEM platforms (especially Splunk) and lead Tier 2 incident triage, escalation, and investigations using tools like Microsoft Sentinel, Microsoft Defender, Fortinet, Wazuh, and Elastic. They also provide mentorship to junior analysts and make fast, informed decisions during critical incidents.

5 years of experience in a SOC environment, advanced cyber threat analysis, incident response, operation and optimization of security tools such as SIEM platforms, Splunk, incident response investigation, Tier 2 case triage and escalation, SIEM tuning to improve detection and alerting, mentoring junior analysts, ability to reconstruct complex multi-stage attacks
cross-platform fluency across Splunk, Microsoft Sentinel, Microsoft Defender, Wazuh, and Elastic, leading the SOC team through mentoring other SOC members
Splunk, Fortinet, Microsoft Sentinel, Microsoft Defender, Wazuh, Elastic, SIEM, IDS/IPS, EDR, forensic tools, security tools
advanced threat analysis, incident response plans, SIEM, Splunk, Fortinet, Microsoft Sentinel, Microsoft Defender, Wazuh, Elastic, IDS/IPS, EDR, forensic tools, tune SIEM tools, alert validation, incident investigation, Tier 2 case triage, escalation, reconstruct complex multi-stage attacks, identify indicators of compromise, insider risks
advanced threat analysis, incident response plans, SIEM, Splunk, Fortinet, Microsoft Sentinel, Microsoft Defender, Wazuh, Elastic, IDS/IPS, EDR, forensic tools, tune, customize, and enhance SIEM tools, alert validation, incident investigation, case triage, escalation, documenting incident rationale, reconstruct complex multi-stage attacks, identify indicators of compromise, threat detection and mitigation, security tool operation and optimization, authorization of disruptive containment actions, insider risk assessment, vulnerability assessment, security breach response
technical leadership, mentoring, professional growth support, collaboration, continuous improvement, rapid and informed decision-making, team player, cross-platform navigation and management, communication with SOC team and management, leadership of SOC team

Required: Cybersecurity Certifications (equivalent)
Industry: Defense
Job Function: Lead Tier 2 SOC incident response and advanced threat detection using Splunk SIEM and related security tools.
Role Subtype: Incident Responder
Tech Domains: Cybersecurity, Linux, Windows Server, Microsoft 365
SOC Analyst, SOC Analyst T2, Incident Responder, Incident Response, advanced threat analysis, incident response plans, SIEM, Splunk, Fortinet, Microsoft Sentinel, Microsoft Defender, Wazuh, Elastic, IDS/IPS, EDR, forensic tools, Tier 2 case triage, alert validation, incident investigation, tune SIEM, indicators of compromise, multi-stage attacks, insider risks, containment actions, ITIL

  • Must have a minimum of 5 years of experience in a SOC environment
  • Must have a related degree in IT or Cybersecurity, or equivalent Cybersecurity Certifications
  • Must be able to support Tier 2 case triage and escalation
