L2 Security Operation Analyst

We are seeking a proactive and experienced L2 Security Operations Analyst to join our Security Operations Centre (SOC) team. In this role, you will play a crucial part in detecting, analyzing, and responding to cybersecurity incidents across a hybrid infrastructure that includes AWS Cloud, on-prem infrastructure, and various endpoint systems like Linux, Windows, and macOS. Your expertise with SIEM, EDR, firewalls, and cloud-native security tools, combined with a deep understanding of threat landscapes and incident response processes, will be essential. As an L2 Security Operations Analyst, your responsibilities will include acting as the primary escalation point for the L1 team, investigating, validating, and escalating security alerts, monitoring and analyzing security events from multiple sources, triaging security alerts, correlating data to identify malicious activity patterns, refining detection use cases, updating incident response runbooks, developing automation using SOAR platforms, documenting incidents and root cause analysis, providing status reports and metrics, and collaborating with various teams for investigation and remediation. To qualify for this role, you should have a Bachelor's degree in information security, Computer Science, or a related field, along with 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency in SIEM tools such as Sentinel and Splunk, hands-on experience with EDR/XDR platforms like CrowdStrike and Sentinel One, a strong understanding of network protocols, operating systems, malware analysis, and threat actor behavior, familiarity with frameworks like MITRE ATT&CK and NIST CSF, incident response and investigation skills, and experience with ticketing systems and incident tracking tools are required. If you are looking to join a dynamic team and contribute your expertise to enhancing our cybersecurity posture, we encourage you to apply for the L2 Security Operations Analyst position at mPokket.,