L2 SOC Analyst - Zscaler

Position

Experience

Category

Shift

Main location

Employment Type: Full Time

Education Qualification

Job Summary

We are seeking a highly skilled L2 SOC Analyst with experience in Security Operations, Vulnerability Assessment, and Zscaler technologies. The ideal candidate will be responsible for monitoring security events, identifying threats, managing vulnerabilities, and supporting secure access through Zscaler platforms. This role demands strong analytical skills, a proactive mindset, and the ability to collaborate with cross-functional teams to strengthen the organizations security posture.

Key Responsibilities

• Security Monitoring & Incident ResponseMonitor security alerts and events through SIEM tools (eg, QRadar, Splunk)
• Perform initial triage, classification, and escalation of security incidents
• Investigate security alerts, analyze patterns, and determine potential threats
• Document incidents, findings, and resolutions in accordance with SOC processes
• Support incident response activities, including containment and remediation
• Vulnerability Assessment & ManagementConduct vulnerability scans using tools such as Qualys, Nessus, Rapid7, etc
• Analyze scan results, validate vulnerabilities, and assess business impact
• Work with application, infrastructure, and DevOps teams to track and remediate vulnerabilities
• Prioritize vulnerabilities based on risk scoring (CVSS) and threat context
• Prepare vulnerability reports and dashboards for leadership and stakeholders
• Zscaler (ZIA/ZPA) Security OperationsMonitor and manage Zscaler security alerts, logs, and user activity
• Troubleshoot Zscaler-related issues impacting users or network traffic
• Maintain and optimize Zscaler policies, including URL filtering, threat protection, and access control
• Support onboarding/offboarding activities for Zscaler users and devices
• Work with the network security team to ensure correct routing and policy enforcement
• Threat Hunting & AnalysisPerform proactive threat hunting using SIEM and endpoint tools
• Investigate suspicious behavior, anomalies, and potential compromise indicators (IOCs)
• Recommend enhancements to detection rules and use cases
• Reporting & DocumentationPrepare daily/weekly SOC reports, incident summaries, and vulnerability dashboards
• Maintain accurate documentation for SOPs, incident runbooks, and security workflows
• Present findings to security leadership and recommend improvements

Required Skills & Qualifications

• 2-5 years of experience as a SOC Analyst or Security Operations Engineer
• Hands-on experience with SIEM tools (QRadar, Splunk, Sentinel, etc)
• Strong knowledge of vulnerability scanners (Qualys/Nessus/Rapid7)
• Working experience with Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA)
• Good understanding of firewalls, proxies, DNS, HTTP/HTTPS traffic, and networking fundamentals
• Familiarity with threat intelligence sources and security frameworks (MITRE ATT&CK, NIST)
• Analytical mindset with excellent communication and documentation skills
• Ability to work in 24/7 SOC environments, including rotational shifts

Preferred Qualifications

• Relevant certifications such as:oSecurity+, CEH, CYSA+, GSECoZscaler Certified Administrator (ZCA) or Zscaler Certified Cloud Professional (ZCCP)oQualys/Vulnerability Management certifications
• Experience with EDR tools (CrowdStrike, SentinelOne, Defender ATP)
• Knowledge of scripting (Python, PowerShell) for automation