Posted: 1 day ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

Metro Global Solution Center (MGSC) is the internal solution partner for METRO, a €31 billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business through its delivery companies (Food Service Distribution, FSD).

HoReCa and Traders are the core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively.

MGSC is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

  • As a Level 2 Cyber Defense Operations Center (CDOC) Senior Analyst, you will work in advanced security operations with a focus on SIEM and SOAR technologies, driving detection and response. You’ll be responsible for helping L3 optimize detection rules and for managing high-severity incidents from triage to resolution.
  • Your primary responsibility will be helping Level 1 analysts analyze incidents and assisting Level 3 with day-to-day operations.
  • This role requires medium-level technical expertise, the qualities of a team player, and a proactive approach to evolving threats.

Qualifications & Experience

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., SANS/GIAC, ECIH, GCIH, CEH, DFIR) may be preferred.
  • 4-7 years of total experience in a SOC in a large multi-national organization or in a known MSSP. In addition, the candidate should possess at least 2 years of working experience with SOAR solutions.

Responsibilities

  • Run daily SOC operations including SIEM/SOAR tuning, alert triage, and coordinated incident response to ensure effective real-time threat monitoring.
  • Handle end-to-end security incident analysis, containment, mitigation, and reporting, leveraging SIEM/SOAR insights and cross-team coordination for swift resolution.
  • Work on high-priority incidents or incidents escalated from L1.
  • Assist L3 in any ad hoc investigation and in fine-tuning security solutions.
  • Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities.
  • Research emerging threats, vulnerabilities, and attack techniques to improve defenses.
  • Document incident response activities and produce detailed reports for stakeholders.
  • Conduct post-incident reviews to drive improvements in tools, processes, and readiness.
  • Maintain detailed incident records, contribute to reporting, and support audit readiness.
  • Guide and train junior analysts, promoting best practices and continuous improvement within the SOC.
  • Stay up to date on emerging threats and technologies to continuously evolve SOC capabilities.
  • Support comprehensive asset inventory and ownership mapping to ensure full monitoring coverage.

Technical & Soft Skills:

  • Deep hands-on experience with SIEM, SOAR, and XDR technologies such as Google Chronicle, CrowdStrike LogScale, and Splunk.
  • Strong working knowledge of endpoint security tools and concepts, including EDR (CrowdStrike, Defender, Cortex), DLP, and MDM.
  • Strong knowledge of MITRE ATT&CK, NIST CSF frameworks, and cyber kill chain concepts.
  • Good understanding of network security, operating systems, and hybrid cloud environments (Cloud, On-Prem, VDI).
  • In-depth knowledge of threat landscapes and technical security concepts.
  • Strong grasp of network protocols, OS internals, and security technologies.
  • Familiar with compliance standards such as NIST CSF and ISO 27001.
  • Ability to work under pressure, especially during critical security incidents.
  • Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations.
  • Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), covering policies, standards, processes and procedures.
  • Very high attention to detail, with strong skills in managing/presenting data and information.
  • Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills.
  • Good communication and interpersonal skills to effectively collaborate with stakeholders and internal teams.
