Senior Security Analyst
● As a Level 2 Cyber Defense Operations Center (CDOC) Senior Analyst, you will work in advanced security operations with a focus on SIEM and SOAR technologies, driving detection and response. You will be responsible for helping L3 optimize detection rules and for managing high-severity incidents from triage to resolution.
● Your primary responsibility will be helping Level 1 analysts with incident analysis and assisting Level 3 with day-to-day operations.
● This role requires medium-level technical expertise, team-player qualities, and a proactive approach to evolving threats.
Qualifications & Experience
● Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., SANS/GIAC, ECIH, GCIH, CEH, DFIR) may be preferred.
● 4-7 years of total experience in a SOC at a large multinational organization or a known MSSP. In addition, the candidate should have at least 2 years of working experience with SOAR solutions.
Responsibilities
● Run daily SOC operations, including SIEM/SOAR tuning, alert triage, and coordinated incident response, to ensure effective real-time threat monitoring.
● Handle end-to-end security incident analysis, containment, mitigation, and reporting, leveraging SIEM/SOAR insights and cross-team coordination for swift resolution.
● Work on high-priority incidents or incidents escalated from L1.
● Assist L3 with ad hoc investigations and fine-tuning of security solutions.
● Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities.
● Research emerging threats, vulnerabilities, and attack techniques to improve defenses.
● Document incident response activities and produce detailed reports for stakeholders.
● Conduct post-incident reviews to drive improvements in tools, processes, and readiness.
● Maintain detailed incident records, contribute to reporting, and support audit readiness.
● Guide and train junior analysts, promoting best practices and continuous improvement within the SOC.
● Stay up to date on emerging threats and technologies to continuously evolve SOC capabilities.
● Support comprehensive asset inventory and ownership mapping to ensure full monitoring coverage.
Technical & Soft Skills:
● Deep hands-on experience with SIEM, SOAR, and XDR technologies such as Google Chronicle, CrowdStrike LogScale, and Splunk.
● Strong working knowledge of endpoint security tools and concepts, including EDR (CrowdStrike, Defender, Cortex), DLP, and MDM.
● Strong knowledge of the MITRE ATT&CK and NIST CSF frameworks and of cyber kill chain concepts.
● Good understanding of network security, operating systems, and hybrid cloud environments (Cloud, On-Prem, VDI).
● In-depth knowledge of threat landscapes and technical security concepts.
● Strong grasp of network protocols, OS internals, and security technologies.
● Familiar with compliance standards such as NIST CSF and ISO 27001.
● Ability to work under pressure, especially during critical security incidents.
● Ability to conduct independent research and analysis: identifying issues, formulating options, and making conclusions and recommendations.
● Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes, and procedures.
● Very high attention to detail, with strong skills in managing and presenting data and information.
● Demonstrable conceptual, analytical, and innovative problem-solving and evaluative skills.
● Good communication and interpersonal skills to collaborate effectively with stakeholders and internal teams.