SOC Analyst
Ho Chi Minh City, VN, 700000
GFT Technologies
We support our customers with state-of-the-art IT solutions, technologies and consulting in the digital transformation.

The primary objective of the Level 2 SOC Analyst is to monitor and defend the organization against cyber threats by identifying, analyzing, and responding to security incidents. The analyst takes over incidents escalated by Level 1 analysts and employs more advanced strategies to mitigate and prevent security breaches.
Key Responsibilities:
- Incident Handling and Response: Investigate and analyze complex security incidents escalated from Level 1 analysts. Develop and implement strategies for containment, eradication, and recovery from security incidents. Coordinate with other teams for incident resolution.
- Threat Intelligence: Utilize threat intelligence to identify and mitigate potential threats before they impact the organization. Share actionable intelligence with relevant stakeholders.
- Security Monitoring: Perform advanced monitoring of security events from various sources including SIEM (Security Information and Event Management) systems, endpoint detection and response platforms, and network security devices.
- Forensic Analysis: Conduct detailed forensic analysis of digital information and gather evidence related to security incidents. Utilize forensic tools and techniques to uncover the root cause of cyber attacks.
- Vulnerability Management: Participate in vulnerability assessments and penetration testing activities. Analyze results and recommend remediation actions to improve the organization's security posture.
- Security Tools and Technologies: Administer and fine-tune security tools and technologies to enhance the detection and response capabilities of the SOC.
- Documentation and Reporting: Prepare detailed incident reports and documentation. Develop and maintain SOPs (Standard Operating Procedures) for incident response and other SOC processes.
- Security Awareness and Training: Contribute to security awareness programs and provide training to Level 1 analysts and other stakeholders within the organization.
- Continuous Improvement: Continuously improve the security posture of the organization by staying updated on the latest cybersecurity trends, tools, and best practices.
- Recommend improvements to SOC processes and technologies.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
Requirements:
- Relevant certifications such as CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), or GCIH (GIAC Certified Incident Handler) are highly desirable.
- Minimum of 3-5 years of experience in cybersecurity, preferably in a SOC environment.
- Strong understanding of network protocols, operating systems, and secure architectures.
- Proficiency in using security tools and technologies such as SIEM, IDS/IPS, EDR, and forensic software.
- Knowledge of cloud security tools and platforms and experience in conducting incident response activities in cloud environments is highly beneficial.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
Working Conditions: This position may require working in shifts, including nights, weekends, and holidays, to ensure 24/7 coverage of the SOC. The analyst may be required to be on-call for responding to critical security incidents outside of normal working hours.