This is a SOC L2 position that will be an integral part of 24 / 7 SOC monitoring. The SOC L2 analyst will function as a shift subject-matter expert (SME) and lead on incident detection and analysis techniques.
Key Responsibilities
- Collaboration and Escalation
  - Respond in a timely manner to security alerts using a combination of technology solutions and a complete and reliable set of documented processes on a 24 x 7 x 365 basis
  - Act as a point of escalation for Level-1 analysts in a 12-hour shift rotation
  - Escalate suspected incidents to L3 with detailed analysis and actionable recommendations
  - Interface and collaborate with other teams for incident escalations and resolution
  - Work closely with the SOC Head to improve security operations and address identified deficiencies
- In-Depth Analysis
  - Perform due diligence and in-depth analysis on security alerts escalated from Level-1 analysts, and route incidents to the respective team for mitigation in a timely manner
  - Assist in threat hunting activities to identify potential vulnerabilities
- Incident Response
  - Take part in incident response steps, perform root cause analysis and recommend solutions to mitigate risks
- Coaching and Mentoring
  - Support Level-1 alert analysis by providing advanced analysis services, including recommending containment and remediation processes and independent analysis of security events
  - Mentor Level-1 analysts to improve detection capability within the SOC and give feedback on work quality
  - Challenge and suggest improvements to existing processes and procedures in a very agile and fast-moving information security environment
  - Receive and review tuning requests from Level-1 and provide recommendations on use case tuning and optimization of security systems
- Documentation & Reporting
  - Ensure all relevant processes are documented, complete, accurate and updated at least yearly or whenever changes occur

Other Skills Required
- Demonstrated ability to work in a team environment and to train and coach other team members
- Experience with investigating using a wide variety of detective technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools
- Understanding and knowledge of the threat landscape in terms of the tools, tactics, and techniques of attacks
- Excellent analytical and problem-solving skills
- Great communication skills, both written and verbal
- Ability to effectively communicate technical and non-technical issues both verbally and in writing
- Hands-on experience working in a Security Operations Centre
- Relevant technical and industry certifications are a plus, e.g. SANS certifications