L2 Security Operations Center

About the Role
We are seeking a skilled and self-motivated
Level 2 SOC Analyst
to take a leading role in cyber threat operations within our MSSP SOC environment. This role also involves operating as a
Subject Matter Expert (SME)
and mentoring junior L1 analysts.
As a key member of our Security Operations Center, you will play a critical role in monitoring, detecting, investigating, and responding to security threats across a diverse range of client environments, including
Government, Finance, Legal, Aviation, Logistics , and more. This diversity provides a unique opportunity to accelerate your growth as a
threat analyst
and
incident responder .
As a senior analyst, you are expected to respond to
high-priority escalated cases outside of standard working hours , as part of an on-call rotation or in urgent scenarios requiring expert intervention. Your involvement will play a pivotal role in ensuring timely intervention to cyber threats for our customers.
Key Responsibilities
Leadership
Lead daily SOC operations, ensuring incident SLAs are met
Mentor junior L1 analysts in triage methods, threat detection/validation and incident response
Threat Management
Able to perform proactive threat investigation & response using MITRE attack framework, NIST framework and other threat intelligence sources
Review all escalations from L1 analysts, ensure comprehensive analysis and daily update to SOC Manager
Identify and implement improvement to reduce false positives, ensuring SOC’s efficiency
Timely update to documentation, processes and workflows for continuous improvement
Timely escalation to SOC Manager for qualified incident and attend War room including after office-hours when required.
SIEM / SOAR / Ticketing and Incident Response
Design and enhance playbook, runbook and use cases based on investigations.
Triage security events and incident response using playbook.
Operate in-house SIEM for investigations and monitoring
Review all cases within case management system and ensure proper incident tracking, escalation and resolution till case closure
Able to lead the investigation in the event of threat, assisted by L1 Analyst, and provide timely update to SOC Manager
Cyber Threat Intelligence
Research in threat intelligence to strengthen SOC capabilities for detecting cyber-attacks.
Share threat intelligence news and keep abreast of latest cyber news so that the team is informed about new threats and attack methods
Security Operations Excellence
Improve standard operating procedures (SOP)
Compile and present monthly SOC threat reports and gap analysis to customers
Improve SOC processes on an ongoing basis
Monitor SOC workflow and suggest improvements
Who We\'re Looking For
Required
Diploma or Degree in Computer Science, or related field.
MUST
have at least 2 years of experience working in MSSP SOC or 3 years experience working in in-house SOC.
Experience with tools such as SIEM, EDR, NDR, XDR, IDS, IPS, Firewalls, Email Security and Web Security.
Good understanding of computer networking, TCP/IP, subnets, routing and switching.
Experience in security event analysis, incident handling, root cause analysis.
MUST
have either one of them :- CCNA, Comptia Network+, Comptia Security+, ISC2 CC, EC-Council C|ND, EC-Council E|CIH, EC-Council C|SA
Experience and knowledge in Cloud Environments such as AWS, GCP, Azure, Alibaba Cloud, will be an added advantage.
Strong analytical and problem-solving skills, with the ability to quickly identify and resolve security issues.
MUST
be willing to be on stand-by after office-hours on rotational basis for any threat escalation by L1 Analyst.
#J-18808-Ljbffr