The SOC Analyst – Level 2 is responsible for advanced security monitoring, incident analysis, and response activities. This role involves handling escalated security alerts, performing in-depth investigations, and coordinating with internal teams to remediate threats. The L2 analyst acts as a technical escalation point for L1 analysts and ensures adherence to security policies and procedures.

Key Responsibilities:

• Analyze and respond to escalated security alerts from L1 analysts.
• Perform detailed investigation of incidents, including log analysis, malware analysis, and network traffic review.
• Conduct threat hunting and identify Indicators of Compromise (IOCs).
• Coordinate with IT and application teams for incident containment and remediation.
• Develop and maintain incident response playbooks and SOPs.
• Provide guidance and mentorship to L1 analysts.
• Generate detailed incident reports and recommend preventive measures.
• Collaborate with threat intelligence teams to assess emerging threats.
• Ensure compliance with organizational security policies and regulatory requirements.

Required Skills & Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field.
• 3–5 years of experience in SOC operations or cybersecurity roles.
• Strong knowledge of SIEM tools (Splunk, QRadar, Sentinel) and EDR solutions (CrowdStrike, Microsoft Defender, etc.).
• Experience in incident response, threat hunting, and malware analysis.
• Familiarity with network protocols, firewalls, and intrusion detection systems.
• Certifications such as CEH, Security+, CySA+, or SOC Analyst are preferred.

Preferred Skills:

• Scripting skills (Python, PowerShell) for automation.
• Knowledge of cloud security (AWS, GCP, Azure).
• Strong analytical and problem-solving skills.
• Ability to work in a 24x7 environment and handle high-pressure situations.