SOC - L2 Analyst

Job Overview:

The SOC L2 Analyst plays a key role in the Security Operations Center by providing advanced analysis, investigation, and response to security incidents. This role involves handling escalated incidents from the L1 team, conducting deep-dive investigations, and collaborating on threat hunting and proactive defense measures. The ideal candidate should have solid experience in cybersecurity, strong technical expertise, and the ability to mentor junior analysts.

Key Responsibilities:

• Analyze and investigate escalated security incidents from the L1 team.
• Perform in-depth threat analysis and root cause investigation for security events.
• Develop and fine-tune detection rules and use cases in SIEM tools.
• Collaborate with L3 analysts and incident response teams for advanced investigations.
• Provide guidance and mentorship to L1 analysts.
• Document detailed findings, impact assessments, and remediation steps.
• Assist in creating and maintaining playbooks and standard operating procedures.
• Participate in threat intelligence gathering and proactive threat hunting.
• Ensure timely and accurate escalation of critical incidents.

Required Skills/Technologies/Tools:

• Strong understanding of cybersecurity concepts, frameworks, and methodologies.
• Advanced experience with Security Information and Event Management (SIEM) tools like Splunk, Sentinel, or ELK.
• Proficiency in incident response, threat hunting and playbook creation.
• In-depth knowledge of network protocols, firewalls, and security controls.
• Hands-on experience with EDR and vulnerability management tools.
• Ability to analyse logs and correlate events for accurate threat detection.
• Strong problem-solving, critical thinking, and analytical skills.
• Excellent communication and technical documentation abilities.
• stakeholders.

Good to have Technologies/Tools

• They should have excellent knowledge of threat hunting, along with expertise in threat intelligence platforms and playbook creation, as well as certifications like CTIA or any other related certification.

Interested candidates can share your updated CV at ishwarya.k@sq1.security