Job Description
About the Role

SWATX is seeking an experienced and dedicated Information Security Analyst - L2 to join our cybersecurity team. As an L2 Security Analyst, you will play a critical role in monitoring, analyzing, and responding to security events to protect our infrastructure and sensitive information. You'll work on identifying and mitigating threats, conducting forensic analysis, and supporting ongoing security initiatives. This position is ideal for someone with experience in security operations who is passionate about staying ahead of cyber threats.

Key Responsibilities

Threat Detection & Analysis: Actively monitor security events using Security Information and Event Management (SIEM) tools to detect and analyze threats in real time.
Incident Response: Lead in-depth investigations into security incidents, determining the root cause, scope, and impact, and provide remediation recommendations.
Escalation Support: Collaborate with L1 analysts to review escalated issues, guiding them on appropriate responses and escalating further to L3 or management if needed.
Vulnerability Management: Assist in vulnerability assessments and penetration testing to identify and mitigate potential security risks.
Security Infrastructure: Configure and maintain security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
Forensic Analysis: Conduct forensic investigations on security incidents to understand the full impact and provide insights for preventive measures.
Documentation: Maintain and update incident records, threat intelligence reports, and detailed documentation on threat detection and mitigation processes.

Qualifications

Experience: 2-4 years of experience in information security, cybersecurity operations, or incident response, preferably within a Security Operations Center (SOC).
Education: Bachelor's degree in Information Security, Computer Science, or a related field is preferred.
Technical Skills: Proficiency with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and other security monitoring solutions. Strong knowledge of firewalls, IDS/IPS, endpoint protection, and vulnerability management. Familiarity with scripting languages (Python, PowerShell) for automation is a plus. In-depth understanding of network protocols, cyber threat vectors, and incident handling procedures.