Qureos

L2 Engineer

Requirements

Experience: 7-8+ years of experience in SOC operations, focusing on Level 2 incident handling.

Availability: 24x7 onsite (shift-based work in the customer SOC).

Core mandate: advanced troubleshooting, incident resolution, root cause analysis (RCA), and defined escalation management.

Key Responsibilities:

  • Act as the primary escalation point from L1, taking ownership of declared incidents for in-depth investigation.
  • Perform advanced analysis of security events to determine scope, severity, and impact.
  • Take part in the event triage process, assigning events/alerts to specific teams for investigation along defined escalation paths (internal or external).
  • Perform emergency response actions, including supporting containment and eradication efforts.
  • Resolve incidents with comprehensive analysis and documentation.
  • Provide detailed root cause analysis (RCA) and trend analysis for all major and recurring incidents.
  • Receive, document, and report cyber security events and incidents accurately.
  • Maintain and contribute to the incident response knowledge base and runbooks.

Required Skills:

  • Expertise in forensic analysis across various platforms (endpoint, network, cloud).
  • Deep understanding of the MITRE ATT&CK framework and threat intelligence integration.
  • Advanced scripting/automation skills for response actions (SOAR integration).

Certifications:

  • CompTIA CySA+ (emphasizes behavioral analytics, threat detection, and incident response).
  • Certified Ethical Hacker (CEH) (understanding attacker methodology is key for defense).
  • GIAC Certified Incident Handler (GCIH) or EC-Council Certified Incident Handler (ECIH) (focus on hands-on incident response).
  • GIAC Security Operations Certified (GSOC) (advanced blue team operations).
  • GIAC Certified Detection Analyst (GCDA) (focus on detection engineering).
  • Vendor-specific certs: Microsoft Sentinel Certified, IBM Certified SOC Analyst – QRadar SIEM or other specific SIEM/tool training, Qualys Vulnerability Tool.

Job Type: Full-time

Ability to commute/relocate:

  • Dubai: Reliably commute or planning to relocate before starting work (Required)

Application Question(s):

  • What is your current salary?
  • What is your expected salary?
  • What is your notice period?

Education:

  • Bachelor's (Required)

Experience:

  • SOC L1: 5 years (Required)

© 2025 Qureos. All rights reserved.