SOC Analyst L2

Company Description

Role Description

SOC Analyst – Level 2

Key Responsibilities

• Investigate and analyze escalated security alerts from SIEM, EDR, cloud security, and other monitoring tools.
• Validate suspicious activity, determine incident severity, and assess potential business impact.
• Perform detailed incident investigation, including log analysis, endpoint analysis, timeline reconstruction, and threat correlation.
• Provide clear escalation context and technical recommendations for complex or high-impact incidents.
• Guide and support L1 analysts during triage, investigation, and documentation activities.
• Contribute to detection tuning, false-positive reduction, and improvement of SOC playbooks and procedures.
• Support threat hunting and threat analysis activities based on emerging attack techniques and observed security events.
• Document investigation findings, incident timelines, response actions, and lessons learned.
• Stay up to date with current threats, attacker techniques, detection methods, and security best practices.

Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 3–5 years of experience in cybersecurity, SOC operations, incident response, threat monitoring, or a related security role.
• Ability to analyze logs, alerts, endpoint data, network activity, and threat intelligence to identify malicious behavior.
• Good understanding of common attack techniques, MITRE ATT&CK, phishing, malware behavior, lateral movement, and credential-based attacks.
• Relevant certifications such as CompTIA Security+, CySA+, Blue Team Level 1/2, GCIA, GCIH, or similar are a plus.