SOC Analyst L2
Client of emploipartner
Posted 4 hrs ago
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
Advanced monitoring and detection
- Monitor and utilize alerts from security tools (SIEM, EDR, NDR, Firewall, sandbox, etc.).
- Ensure the quality and relevance of the reported events (logs, correlation, use cases).
- Identify detection gaps and propose improvements.
Analysis & investigation
- Conduct thorough investigations into security incidents.
- Analyze suspicious behavior and identify attacker tactics, techniques and procedures (TTPs).
- Correlate multi-source events to reconstruct attack chains.
- Perform detailed analyses (full timeline, pivoting, IOC/IOA).
- Validate or invalidate alerts raised by L1 analysts.
Incident Response
- Manage level 2 security incidents.
- Define and recommend appropriate remediation actions.
- Support technical teams in resolving incidents.
- Escalate critical incidents to L3 or SOC manager.
Threat Intelligence & Threat Hunting
- Leverage Threat Intelligence sources to enrich analyses.
- Participate in Threat Hunting activities (proactive threat search).
- Identify new indicators of compromise (IOCs) and attack scenarios.
- Monitor the evolution of threats and adapt detection capabilities.
Continuous improvement
- Actively participate in the tuning of SIEM rules (reduction of false positives, improvement of detection).
- Develop and optimize detection use cases.
- Contribute to the writing and improvement of SOC playbooks.
- Propose areas for improvement in SOC processes and tools.
Coordination & support
- Provide technical support to L1 analysts.
- Participate in handovers and incident coordination.
- Collaborate with IT teams (network, systems, cloud, dev).
- Contribute to the upskilling of teams (knowledge sharing).
Reporting
- Document investigations and incidents in detail.
- Produce clear and actionable incident reports.
- Ensure full traceability of actions performed.
Desired Candidate Profile
- Bac+5 (Master 2, i.e. five years of post-secondary study) in cybersecurity or an equivalent field.
- 1 to 4 years of experience in cybersecurity, including experience in a SOC.
- Solid understanding of information systems and network architectures.
- Excellent log analysis capabilities (Windows, Linux, security solutions).
- Good command of the MITRE ATT&CK framework.
- Advanced experience with SIEM, EDR/XDR, and NDR tools.
- Good knowledge of attack techniques (lateral movement, persistence, privilege escalation).
- Proficiency in network protocols: TCP/IP, DNS, HTTP, SMTP.
- Experience in security investigation and incident response.
- Knowledge of Threat Hunting and behavioral analysis.
- Certifications: GCIA, GCIH, CEH, Security+, or equivalent.
- Scripting skills (Python, PowerShell, Bash).
- Knowledge of Cloud and Datacenter environments.
- Experience with SOAR tools.
- Technical English (written and read).
- Analytical mind and the ability to conduct thorough investigations.
- Autonomy and initiative.
- Ability to manage complex incidents.
- Team spirit and a willingness to teach and mentor others.
- Rigour and a sense of responsibility.
- Organisational skills.
- Rotating (shift) position, which may include on-call duty, nights, weekends and public holidays depending on the SOC organization.
Company Industry
- IT - Hardware & Networking
Department / Functional Area
- IT Software
Keywords
- SOC Analyst L2
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bona fides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advise against sharing personal or bank-related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com