Security Analyst – SOC Operations

The Security Analyst SOC Operations (Level 2) is responsible for advanced monitoring investigation and response to cybersecurity incidents within a Private 5G Security Operations Center. This role performs in-depth analysis of incidents escalated from Level 1 leads root cause investigations and supports the continuous security and resilience of 4G/5G RAN and Core networks. The position plays a critical role in strengthening detection capabilities improving response processes and ensuring uninterrupted and secure network operations.

• Conduct detailed analysis of security incidents escalated by L1 SOC analysts.
• Perform root cause analysis and advanced investigations to determine scope impact and threat vectors.
• Respond to contain and remediate security incidents while minimizing operational and service impact.
• Utilize advanced security tools and techniques to analyze investigate and mitigate threats.
• Collaborate with internal and external teams to implement corrective and preventive security controls.
• Document incident findings actions taken and lessons learned in accordance with SOC procedures.
• Provide recommendations for improving incident response playbooks and 5G-specific security procedures.
• Maintain strong working knowledge of 4G/5G protocols signaling flows and architectures for RAN and Core.
• Provide technical guidance mentoring and on-the-job training to L1 SOC analysts.
• Monitor evolving threat landscapes vulnerabilities and technologies impacting 5G environments.
• Support and maintain the 5G SOC operations lab.
• Ensure the ongoing integrity availability and security of 5G RAN and Core network environments.

• Bachelors degree in Computer Science Information Security or a related discipline.
• Strong understanding of TCP/IP OSI Seven Layer Model and diverse network architectures.
• Strong knowledge of cybersecurity principles and 4G/5G technologies.
• Hands‑on experience with security tools including SIEM SOAR IDS/IPS and forensic analysis tools.
• Proven ability to conduct advanced investigations including malware analysis and threat containment.
• Experience working in 4G/5G Security Operations environments.
• Experience in ISP or telecom environments is a strong advantage.
• Hands‑on experience with Splunk and Microsoft Sentinel.
• Experience across IT and OT environments.
• Strong analytical problem‑solving documentation and communication skills.
• Ability to work under pressure and respond effectively to security incidents.
• Industry certifications are preferred including CompTIA Security CSA CCNA CyberOps CySA GCIH BTL1 MITRE ATT&CK Defender (MAD) and Splunk / Microsoft Sentinel certifications.