SOC Analyst L2

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM 

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview  

Security Operations Center (SOC) Level 2 Analyst is an intermediate-level cybersecurity professional responsible for deeper analysis and response to security incidents. They build upon the initial findings of Level 1 analysts and focus on refining Security incident detection, triage, actioning remediation steps and resolution. Support/mentor L1 team and handle client/customer calls with excellent communication skills. Also needs to take care fine tuning SIEM Analytical rules & optimizing SOC.

 Key Responsibilities  

• Minimum 5 Plus years of experience in cyber security incident response Guiding L1 on Incident Management/investigation.
• Ability to monitor and analyze Sentinel SIEM, MS Defender endpoint, network (Firewall, PS ), and application logs
• Enhancement to SOC procedures and operation
  • SOC Optimization (Analytical Rules, automation, reports, etc.)
  • Runbooks improvements
  • Creation of SOP documents/KB articles
• QA on analyst incident reporting
  • Checking & reviewing L1 Incidents in Sentinel & SNOW.
  • Verify comments added to the incident (s) & provide constructive feedback.
  • Guide/mentor analyst on process improvements
• Handling escalated incidents
  • Perform actions to contain and remediate security incidents
  • In-depth threat analysis on incident(s)
  • Handling & reviewing VIP/critical/P1 incidents
• Day-to-day operation management
  • Lead shift hand over calls
  • Integrating new tools in SOC
  • Review & Work on the incidents which are escalated by L1 & take actions like Isolate device, soft delete email, Block URL, Block Sender email address etc
  • Lead other functions (Vulnerability Management, Threat Intel,etc.) of SOC
• Run Vulnerability Scan, review the Scan report and walk through the report to the customer.
• Drive Client calls and projects with excellent communication skills
  • Serving as POC for clients
  • Lead client requirements to collaborate with internal teams
  • Attend weekly meetings with clients and provide progress updates.
  • Advising on best practices and security tool implementation.
  • Perform ad hoc tasks as per customer requests.
  • Raise change request for customers to implement the recommendations provided by Threat Vulnerability management to improve the Secure Score of the organization.

What you will bring to the team:

• Minimum 5 Plus years of experience in cyber security incident response Guiding L1 on Incident Management/investigation.
• Experienced in the below tools & technologies:
  • SIEM – Azure Sentinel
  • IDS/IPS (Cisco/Sourcefire/Palo)
  • EDR (MS Defender)
  • Cisco Umbrella & Cisco Firewall
  • Proofpoint
  • Vulnerability Assessment (Nessus)
  • KQL queries 
• Bachelor’s in engineering, BTech, Master’s in CS.

Zones offers a comprehensive Benefits package.

While we’re committed to providing top-tier solutions, we are just as committed to supporting our own teams. We offer a competitive compensation package where our employees are rewarded based on their performance and recognized for the value they bring to our business. Our employees enjoy a variety of comprehensive benefits, including Medical Insurance Coverage, Group Term Life and Personal Accident Cover to handle the uncertainties of life and a flexible leave policy to balance their work life.

At Zones, work is more than a job – it's an exciting career immersed in an inventive, collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability.