Position Title: SOC Level 2 Analyst
Job Description:
Overview:
As a SOC Level 2 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security incidents and threats within our organization's environment. You will work closely with SOC Level 1 analysts, as well as other cybersecurity professionals, to ensure the integrity, confidentiality, and availability of our systems and data.
Responsibilities:
- Security Monitoring and Analysis: Monitor security event alerts generated by various security systems, including QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Analyze security events to identify potential security incidents or anomalies that may pose a risk to the organization.
- Incident Triage and Investigation: Triage incoming security alerts based on their severity and potential impact on the organization. Conduct preliminary investigations to determine the nature and scope of security incidents. Gather and analyze evidence, including logs, network traffic, and system artifacts, to identify indicators of compromise (IOCs).
- Incident Response and Mitigation: Assist in the containment, eradication, and recovery phases of security incidents. Follow established incident response procedures and workflows to ensure timely and effective response to security threats. Collaborate with other members of the SOC team and relevant stakeholders to coordinate incident response efforts.
- Threat Intelligence Analysis: Stay informed about the latest cyber threats, vulnerabilities, and attack techniques by analyzing threat intelligence feeds and reports. Use threat intelligence to enhance the organization's detection capabilities and proactively identify emerging threats.
- Documentation and Reporting: Maintain accurate and detailed records of security incidents, including timelines of events, actions taken, and findings. Prepare incident reports and post-mortems to document the outcomes of security incidents and lessons learned. Ensure that all documentation complies with internal policies and regulatory requirements.
- Continuous Improvement: Participate in ongoing training and professional development activities to enhance knowledge and skills in cybersecurity. Provide feedback and suggestions for improving SOC processes, procedures, and tools. Stay abreast of industry best practices and emerging technologies in cybersecurity.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 5+ years of experience in a cybersecurity role, preferably in a SOC environment.
- Strong understanding of cybersecurity principles, concepts, and technologies.
- Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms.
- Familiarity with incident response procedures and frameworks (e.g., NIST, SANS).
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus.