Job Description:
We are seeking a highly motivated and experienced Sr. SOC Analyst (Level 2) to join our growing Cyber Defense team in the US.In this critical role, you will be responsible for handling escalated incidents from Level 1 Analyst and conducting alert triage, investigation, and incident handling. You will act as a mentor to Level 1 analysts and play a critical role in improving the security posture. You will also play a vital role in overseeing and managing the customer expectations, ensuring their success in delivering exceptional service. The ideal candidate will have a proven track record in SOC environments, with expertise working for fortune 500 clients
Responsibilities:
- Lead and mentor a team of SOC level 1 analysts and provide subject matter expertise in alert triage, investigation, and incident handling.
- Conduct in-depth analysis of security incidents to determine root causes and impacts.
- Lead incident response efforts and coordinate with internal and external stakeholders.
- Develop and implement containment, eradication, and recovery strategies.
- Proactively search for indicators of compromise and potential threats within the network.
- Develop and implement threat-hunting techniques and methodologies.
- Provide guidance and mentorship to Level 1 SOC Analysts.
- Develop and deliver training sessions on advanced security topics.
- Identify and recommend improvements to security controls and processes.
- Work with the SOC Manager to implement new process improvements to enhance the cyber defense program
- Prepare detailed incident reports and post-incident analysis documentation.
- Maintain and update incident response playbooks and procedures.
- Develop and implement playbooks and procedures for efficient incident response activities.
- Collaborate with Client internal teams (Security Engineering, IT, business) to implement remediation strategies and improve overall security posture.
- Stay current on the latest cyber threats and vulnerabilities, proactively adapting security measures.
- Generate insightful reports and metrics to measure SOC team performance and identify areas for improvement.
- Enable a culture of continuous learning within the team, promoting knowledge sharing and professional development.
- Support on-call outside normal business hours in case of critical incident escalations.
Qualifications:
- Bachelor’s degree in computer science, Information Security, or related field, or equivalent experience.
- 3+ years of experience in a SOC environment.
- Strong understanding of security best practices, frameworks (MITRE ATT&CK), and incident response methodologies.
- Experience in investigating incidents that are triggered from EDR tools like CrowdStrike, Defender and other behavior analytics platforms beyond traditional SIEM
- Advanced knowledge of cybersecurity principles, networking, and operating systems.
- Experience with security tools such as IBM QRadar SIEM, IDS/IPS, EDR (Endpoint Detection and Response), and firewalls.
- Strong analytical, problem-solving, and critical-thinking skills.
- Excellent written and verbal communication skills.
- Relevant certifications such as CEH, GCIA, or GCIH are highly desirable.
