We are seeking a highly motivated and experienced Sr. SOC Analyst (Level 2) to join our growing Cyber Defense team in the US.
About the Role - In this role, you will handle incidents escalated by Level 1 analysts and conduct alert triage, investigation, and incident handling. You will mentor Level 1 analysts and play a key part in improving the security posture. You will also oversee and manage customer expectations, ensuring the team delivers exceptional service. The ideal candidate has a proven track record in SOC environments, including experience working with Fortune 500 clients.
Responsibilities:
- Lead and mentor a team of Level 1 SOC analysts and provide subject matter expertise in alert triage, investigation, and incident handling.
- Conduct in-depth analysis of security incidents to determine root causes and impacts.
- Lead incident response efforts and coordinate with internal and external stakeholders.
- Develop and implement containment, eradication, and recovery strategies.
- Proactively search for indicators of compromise and potential threats within the network.
- Develop and implement threat-hunting techniques and methodologies.
- Provide guidance and mentorship to Level 1 SOC Analysts.
- Develop and deliver training sessions on advanced security topics.
- Identify and recommend improvements to security controls and processes.
- Work with the SOC Manager to implement process improvements that enhance the cyber defense program.
- Prepare detailed incident reports and post-incident analysis documentation.
- Develop, maintain, and update incident response playbooks and procedures so that response activities run consistently and efficiently.
- Collaborate with client internal teams (Security Engineering, IT, business) to implement remediation strategies and improve overall security posture.
- Stay current on the latest cyber threats and vulnerabilities, proactively adapting security measures.
- Generate insightful reports and metrics to measure SOC team performance and identify areas for improvement.
- Foster a culture of continuous learning within the team, promoting knowledge sharing and professional development.
- Provide on-call support outside normal business hours for critical incident escalations.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
- 3+ years of experience in a SOC environment.
- Strong understanding of security best practices, frameworks such as MITRE ATT&CK, and incident response methodologies.
- Experience investigating incidents raised by EDR tools such as CrowdStrike and Defender, and by other behavioral analytics platforms beyond a traditional SIEM.
- Advanced knowledge of cybersecurity principles, networking, and operating systems.
- Experience with security tools such as IBM QRadar SIEM, IDS/IPS, EDR (Endpoint Detection and Response), and firewalls.
- Strong analytical, problem-solving, and critical-thinking skills.
- Excellent written and verbal communication skills.
- Relevant certifications such as CEH, GCIA, or GCIH are highly desirable.