SOC Analyst Tier 2 (L2)

The SOC Analyst Tier 2 is responsible for deeper investigation and analysis of security incidents escalated from Tier 1. The role includes incident response, threat hunting, detection engineering support, and advanced log correlation.

Key Responsibilities

• Investigate escalated security incidents and determine impact
• Perform deep endpoint investigations
• Conduct threat hunting activities across endpoints and network logs
• Analyze attacker behavior, persistence, and lateral movement
• Develop and improve detection use cases and correlation rules
• Tune SIEM and EDR alerts to reduce false positives
• Support containment, eradication, and recovery activities
• Collaborate with IT and infrastructure teams during incidents
• Produce incident reports and root cause analysis
• Generate monthly and quarterly reports

Non-Technical skills

• Excellent analytical and problem-solving skills.
• Strong interpersonal skills to interact with team members and upper management.
• Strong collaborative skills.
• Self-discipline to work according to playbook and time requirements.
• Passion for cybersecurity and staying up-to-date with current threats, tools and techniques.
• Willingness to learn new security technologies, products and incident analysis and response approaches.
• Excellent written and oral communication skills.

Qualifications:

• Minimum of 3-5 years of experience.