SOC Analyst L2

Job Brief

Responsible for managing, configuring and monitoring the different security systems utilized in a SOC environment. This position involves conducting incident response investigations, performing daily operational security-related tasks (monitor, investigate, escalate and respond) and occasionally assisting in penetration testing projects. The position requires working in a high-pressure, 24/7 shift-based work environment.

Key Responsibilities

• Actively monitor security alerts generated by the SIEM and other security tools.
• Conduct in-depth analysis of security incidents, focusing on root cause identification, impact assessment, and potential containment measures.
• Tune and optimize SIEM searches, reports, and dashboards to improve detection accuracy and efficiency.
• Tune and optimize SIEM searches, reports, and dashboards to improve detection accuracy and efficiency.
• Collaborate with other SOC members to manage and respond to security incidents.
• Perform threat hunting and containment activities to identify and mitigate potential threats proactively.
• Leverage threat intelligence feeds to enrich event data and identify emerging threats.
• Provide actionable intelligence by correlating threat information with internal security incidents.
• Develop new use cases, correlation rules, and detection logic within SIEM to improve threat detection.
• Prepare and maintain documentation, such as incident reports, intelligence briefings, and tuning recommendations.
• Provide feedback and recommendations on improving the efficiency and effectiveness of SOC processes.
• Integrate new data sources and refine monitoring use cases.
• Administer and manage FW and WAF solutions, ensuring configurations align with security policies and best practices.