Qureos

SOC Analyst

Systems Limited is seeking an experienced SOC Analyst – Level 2 (Tier 2 / Incident Responder) to strengthen its cybersecurity operations. This role is responsible for advanced threat investigation, incident response, and containment of security incidents.

The candidate will handle escalated alerts from Level 1 analysts, perform in-depth technical analysis, and drive remediation efforts across endpoint, network, and cloud environments. This position serves as the technical backbone of SOC operations and plays a critical role in protecting organizational assets against advanced cyber threats.


Key Responsibilities:

  • Lead investigation of escalated security incidents from Level 1 SOC analysts
  • Perform root cause analysis and reconstruct attack chains
  • Conduct endpoint, network, and cloud-based forensic investigations
  • Execute containment and remediation actions including endpoint isolation, account disablement, and IOC blocking
  • Develop and optimize custom KQL and detection queries
  • Tune SIEM and XDR rules to reduce false positives and improve detection accuracy
  • Handle advanced incidents such as ransomware attacks, lateral movement, credential compromise, and data exfiltration
  • Map incidents to the MITRE ATT&CK framework for structured analysis
  • Prepare detailed incident reports and executive-level summaries
  • Support proactive threat hunting activities
  • Assist with onboarding of new customers and log sources into SOC platforms
  • Mentor and guide Level 1 SOC analysts
  • Participate in Purple Team engagements alongside Red Team exercises


Requirements:

  • 5–6 years of experience in SOC operations or Incident Response
  • Strong knowledge of Windows and Active Directory security, network security principles, endpoint security technologies, and cloud security fundamentals (Azure and/or AWS)
  • Hands-on experience with SIEM and XDR platforms and understanding of malware behavior and attacker techniques
  • Experience across the full incident response lifecycle with the ability to write and optimize detection queries (KQL preferred)
  • Strong analytical, documentation, and communication skills


Location: Khi / Lhr / Isb

© 2026 Qureos. All rights reserved.