SOC Analyst Level 2

L2 SOC Analyst 

Cyber Defense Job Req: 

We are looking for a self -driven, and detail-oriented L2 SOC Analyst to join our ADI Cybersecurity team. In this role, you will investigate complex threats, hunt for anomalies, and play a critical part in protecting our digital ecosystem.  If you are passionate about cybersecurity and you thrive in fast-paced environments this is your opportunity to make a real impact.  We will support your development and growth in a Cyber Defense team that values innovation and collaboration.  

Key Responsibilities 

• Coordinating daily operations and ensuring timely incident escalation and resolution. 

• Responding to escalated security alerts from L1 analysts, performing detailed investigation, triage, and root cause analysis. 

• Proactively hunting for threats using SIEM data, threat intelligence, and various security tools. 

• Analyzing logs, network traffic, and endpoint data to identify potential security incidents and vulnerabilities. 

• Assisting with incident response activities, including containment, eradication, and recovery, ensuring all incidents are thoroughly documented. 

• Working closely with the L3 analysts and other colleagues on advanced investigations and threat management activities. 

• Fine-tuning SIEM rules, alerts, and correlation logic to improve detection capabilities and minimize false positives. 

• Assisting with updating incident response playbooks and procedures, ensuring adherence to industry best practices and compliance frameworks.  Contributing to playbook development and improvements. 

• Training and mentoring less experienced team members and enhancing their technical skills and knowledge. 

• Staying up to date with emerging threats, vulnerabilities, and cybersecurity trends to improve SOC operations. 

Qualifications 

Required Skills and Experience: 

• Bachelor's degree in Cybersecurity, Computer Science, or related field, or equivalent experience. 

• 3+ years of experience in a SOC or incident response role, with at least 1 year in a  senior analyst capacity. 

• Proven experience with SIEM platforms for log analysis, alert tuning, and threat detection. 

• Demonstrable understanding of cybersecurity concepts, including threat vectors, malware, lateral movement, and exfiltration techniques. 

• Hands-on experience with network security tools and endpoint detection and response (EDR) platforms  

• Familiarity with attack frameworks such as MITRE ATT&CK and how to apply them in a SOC. 

• Demonstrated ability to handle escalated incidents, including ransomware, phishing, and advanced persistent threats (APTs). 

• Strong analytical and troubleshooting skills with an ability to prioritize in high-pressure situations. 

• Excellent written and verbal communication skills in English for creating incident reports and presenting findings. 

• Culturally and socially flexible with an understanding of how to work with global teams. 

Preferred Skills: 

• Industry certifications such as GCIH, GCIA, CEH, CySA+, or equivalent. 

• Experience with cloud security monitoring tools (e.g., AWS GuardDuty, Azure Sentinel) and cloud environments (AWS, Azure, GCP). 

• Knowledge of scripting or automation tools (e.g., Python, PowerShell, or Bash) to enhance incident response processes. 

• Familiarity with SOAR (Security Orchestration, Automation, and Response) platforms for workflow automation. 

• Experience working within compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS, GDPR).