Analyst - SecOps

Job Description

We are seeking a highly skilled SOC Level 2 Analyst to join our global Cyber Operations team. This role is essential for maintaining our organization s security posture through continuous monitoring, detection, and response. The SOC Analyst II will operate on a rotating 24x7 shift schedule, including night shifts. Ideal candidates will have a strong background in SOC operations, incident response, and expertise in various cybersecurity tools and technologies. What you will be doing: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Triage with sandboxing technologies Analyze with threat intelligence tools Investigate and respond to security events, implementing containment and recovery strategies. Expedite with AI/ML workflows and capabilities Utilize KQL for querying and correlating data to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Employ Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools to enhance endpoint protection and data security. Threat Hunting and Data Forensics: Conduct proactive threat hunting and data forensics to uncover potential threats. Utilize advanced threat intelligence platforms to inform and refine threat detection strategies. Develop and execute SOC playbooks to improve response and operational efficiency. Team Collaboration and Leadership: Triage and assist on complex incidents and investigations. Collaborate with USA Security escalation teams and departments to enhance overall security posture. Assist in developing and refining SOC procedures and best practices. Career Development: Opportunities for progression to SOC Lead and Architect roles. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. What we are looking for : Qualifications: Preferred Bachelor s degree in Computer Science, Cybersecurity, or a related field. 3-5 years of experience as a SOC analyst, preferably with lead responsibilities. Strong knowledge of KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel, including rule creation, playbook implementation, and workbooks. Proficiency in Microsoft Defender and MS Purview Data Loss Prevention (DLP). Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise Required: Microsoft Sentinel: Experience with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Expertise in endpoint protection and threat detection. MS Purview Data Loss Prevention (DLP): Experience with data protection and loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management Tools: Experience in assessments, penetration tests, and threat monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Proficient in data forensic analysis and investigation. SOC Playbooks: Proficient in creating and managing SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical and problem-solving skills. Ability to work within a well-managed team Shift Coverage: Rotational 24x7 shifts.