Cybersecurity Defense SOC Analyst (L2)

Ascot Group (posted 8 days ago)
Phoenix, AZ, United States
Hybrid
Full-time
Junior Level (1-3 years)

Job Description

Position Overview

This is an opportunity to join Ascot Group – one of the world's preeminent specialty risk underwriting organizations. Designed as a modern-era company operating through an ecosystem of interconnected global operating platforms, Ascot is defined by a collaborative, inclusive, and entrepreneurial culture that values underwriting excellence, integrity, and innovation.

As part of our 24x7 Cybersecurity Defense function, the SOC Analyst (L2) will investigate security incidents, enhance detection content, and support comprehensive monitoring, detection, and incident response activities. This role acts as an escalation point for L1/L2 SOC Analysts, collaborating with cybersecurity managers, IT Infrastructure, and Deskside Support Teams in a hybrid work environment.

Key Responsibilities

  • Monitor security tools to triage and respond to suspicious events and abnormal activities, performing deep-dive incident investigations.
  • Serve as the escalation point for L1/L2 SOC Analysts and the primary contact for the MSSP, coordinating response efforts with stakeholders across IT, Legal, and business functions.
  • Develop and implement advanced security protocols and incident response procedures to improve threat intelligence processes.
  • Stay current with emerging threats, vulnerabilities, tools, technologies, and threat actor TTPs to enhance detection and response capabilities.
  • Provide oversight and governance of the MSSP and SOC team’s daily global operations.
  • Mentor and train junior SOC team members.
  • Develop and refine run books and playbooks for incident response and threat detection, including technical analysis, log reviews, and assessments.
  • Collaborate with end users on security-related incidents and request workflows.
  • Document and manage incident cases for stakeholder engagement, offering insights, recommendations, risk reporting, and lessons learned.
  • Adhere to scheduled shift patterns as required.
  • Conduct in-depth security investigations, including log analysis, network/email traffic assessment, and root cause evaluation for evidence and mitigating actions.
  • Implement detection use cases within the SIEM using appropriate scripting languages.
  • Manage log sources, log ingestion volumes, detection content, and ensure overall SIEM solution health, maintenance, and upgrades.
  • Assist with ad hoc projects as required.

Required Qualifications

  • Bachelor's degree in cybersecurity or a related field.
  • Minimum of 8 years of experience in a security operations role, SOC engineering, or cybersecurity technical engineering role.
  • Experience in building and migrating log sources onto a new SIEM platform, creating detection content, log parsers, and detection engineering; or extensive senior technical experience in an MSSP.
  • Relevant technical and cybersecurity certifications such as CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), CySA+, CISSP, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, or OSCP.
  • Proven experience with on-premises and cloud hosting, Windows and Linux operating systems, Microsoft Azure, and M365, with the ability to detect signs of compromise in these systems.
  • A growth mindset and willingness to learn how to resolve technical security issues.
  • Demonstrated genuine interest and talent in cybersecurity, with a detail-oriented and structured approach.
  • Ability to remain calm and structured under pressure while effectively troubleshooting and analyzing data.
  • Strong written communication, critical thinking, and analysis skills, with the ability to present complex issues to non-technical audiences.
  • Solid understanding of key security concepts and attack types, including phishing, malware, vulnerabilities, and the Cyber Kill Chain.
  • Experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, and malware analysis.
  • Familiarity with threat actor tactics, the MITRE ATT&CK Framework, and the various stages of an attack lifecycle.
  • A continuous desire to learn with a curious and creative growth mindset.
  • This position may be filled at a different level, depending on experience.

Compensation

Actual base pay may vary based on experience, subject matter expertise, and skills. The base pay is just one component of Ascot's total compensation package, which may also include an annual cash bonus and other forms of discretionary compensation.

The salary range for this role in the NY Metro and Chicago, IL area is $105,000 - $120,000.

Benefits & Perks

  • Health and Welfare Benefits: Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Life Insurance, AD&D, Work/Life Resources (including Employee Assistance Program), and more.
  • Leave Benefits: Paid holidays, annual Paid Time Off (including paid state/local leave where required), Short-term Disability, Long-term Disability, and other leaves (e.g., Bereavement, FMLA, Adoption, Maternity, Military, Primary & Non-Primary Caregiver).
  • Retirement Benefits: Contributory Savings Plan (401k).

Required Skills

Cybersecurity Tools Management
Monitoring and Responding to Security Events
Technical Writing and Documentation
Incident Response Procedures
Security Information and Event Management (SIEM)
Log Analysis and Network Assessment
Mentorship and Training for Junior Analysts
Threat Intelligence Enhancement