Senior SOC Analyst

As a SOC Analyst (L2), you will be responsible for validating and investigating

security alerts, correlating telemetry across multiple sources (SIEM/XDR/EDR,

network, cloud, identity, email), and driving incidents through closure with

strong evidence and documentation.

You’ll also contribute to continuous

improvement through detection tuning, enrichment, and proactive threat

hunting.

 Monitor and triage alerts from SIEM/XDR/EDR and supporting security

telemetry; reduce noise through accurate validation.

 Investigate suspicious activity across endpoint, network, identity, cloud,

and email signals; determine scope, impact, and severity.

 Perform deeper analysis using relevant artifacts and logs (e.g., Windows

Event Logs/Sysmon, EDR telemetry, DNS/proxy/firewall logs, O365/Entra ID

logs where applicable).

 Manage incidents end-to-end: build timelines, capture evidence, identify

IOCs/TTPs, and recommend containment and remediation actions.

Escalate high-severity cases to senior analysts/IR with complete context,

evidence, and clear next steps.

 Produce customer-ready incident reports and shift handover notes with

high documentation quality.

 Support ongoing SOC maturity: detection tuning, enrichment, playbook

improvement, and participation in threat hunting activities.What You’ll Need

 3–5 years of SOC experience (MSSP/MDR or internal SOC) with real alert

triage and investigation responsibility.

 Solid understanding of incident response lifecycle and investigation

methodology.

 Strong fundamentals in Windows security and common attack paths (AD

basics), plus networking fundamentals (DNS, HTTP/TLS).

 Experience working with SIEM/XDR and EDR tools and pivoting across

multiple log sources quickly.

 Strong written and verbal communication skills with disciplined case

documentation.

 Certifications such as CompTIA CySA+, BTLO, or equivalent.

 Exposure to cloud and SaaS security telemetry (Microsoft 365, Entra

ID/Azure, AWS, Google Workspace).

 Familiarity with threat intelligence enrichment (IOCs, TTPs, OSINT,

MISP/OpenCTI).

 Basic scripting skills (PowerShell/Python) for investigation support and

automation.

 Competitive compensation + performance growth: Strong base with

clear performance-based progression.

 Training & certification budget: Support for blue-team training and

certifications (platform + investigation-focused).

 Hands-on real incident exposure: Work on diverse environments and

real-world investigations across multiple industries.

 Strong team collaboration: Clear escalation paths, mature runbooks, and

a culture that values evidence-led decisions.

 Career progression: Pathways into Senior SOC Analyst / Threat Hunter /

IR Analyst / Detection Engineer.