Job Summary:

The Security Analyst Level 2 (L2) is responsible for investigating, analyzing, and responding to security events and incidents escalated. This role requires a strong technical background, analytical thinking, and hands-on experience in threat detection, incident response, and security monitoring. Tools such as CrowdStrike will be preferred.

Key Responsibilites

• Triage and investigate escalated alerts to determine the nature and severity of potential threats.
• Perform in-depth analysis of network traffic, security logs, and system events.
• Conduct malware analysis and forensic investigations as needed.
• Document and escalate verified incidents to the Incident Response team.
• Provide guidance and mentorship to L1 analysts.
• Recommend and implement detection improvements and playbook enhancements.
• Collaborate with other teams (IT, DEV, IR) for comprehensive response efforts.
• Participate in root cause analysis and post-incident reviews.
• Continuously update knowledge on current threats, tactics, and procedures (TTPs)

Requirements

• 3+ years of experience in a SOC or similar security role.
• Strong understanding of security technologies: SIEM, IDS/IPS, firewalls, EDR, etc.
• Experience with tools CrowdStrike Preferred or similar.
• Familiarity with MITRE ATT&CK framework, NIST, and incident handling frameworks.
• Ability to analyze logs, packets, and indicators of compromise (IOCs) & (IOA).
• Solid problem-solving and communication skills.
• Relevant certifications (e.g., CompTIA Security+, CySA+, GCIA, GCIH, or equivalent) are a plus.