• Investigate and analyze escalated security alerts and events from L1 analysts.
• Perform in-depth threat analysis using SIEM, EDR, IPS
• Conduct triage and root cause analysis of security incidents.
• Respond to and contain incidents according to the incident response plan.
• Provide guidance and mentorship to L1 SOC Analysts.
• Maintain and update security documentation and playbooks.
• Collaborate with IT and other departments during investigations and remediation.

Required Skills & Qualifications:

• 3–6 years of experience in a SOC or cybersecurity operations environment
• Hands-on experience with SIEM tools (Crowdstrike, Rapid 7)
• Experience with endpoint detection tools, IDS/IPS, firewalls, and vulnerability scanners
• Knowledge of malware analysis, attack vectors, and common TTPs (MITRE ATT&CK)
• Familiarity with security frameworks like HIPAA, NIST, ISO 27001
• Strong analytical and problem-solving skills
• Excellent communication and documentation skills
• Ability to work in 24/7 rotational shifts