L2 SOC Analyst (SO2)

Description

The Level 2 SOC Analyst performs individual tasks consistently and at an exemplary standard and is able to mentor Level 1 SOC Analysts in SOC processes and procedures.

Responsibilities

1. Deliver security-based operational support for clients, in line with documented process and timeframe
2. Classify and prioritize incidents based on established criteria
3. Review the collected data and additional requested log sources then provide tactical recommendations
4. Escalate any potential high visibility incident
5. Handle communication to a mix of technical and non-technical client audience
6. Research Threat or Security related news that could potentially impact a client
7. Proactive hunting for threats in large volumes of data
8. Generate scan schedules for vulnerability management and contribute to risk adjusted assessments
9. Create custom reports based on the data gathered on a weekly/monthly basis
10. Knowledgeable in updating a use case or playbook
11. Document processes and process improvements
12. Provide analytical and technical support to solve a wide range of complex security issues
13. Raise support tickets and take ownership of issues through to completion
14. Participate in open communication between team members
15. Additional tasks will be given as the individual grows their skill

Key Competencies & Experience:

1. Degree in computer science or equivalent certifications/qualifications.
2. Minimum 2 years of cyber security operations experience.
3. Understanding of the different occurrences of incidents, scenarios and situations, including an understanding of evolving threat tactics, techniques and procedures.
4. Good understanding and experience in either Incident Response, Vulnerability Management, Security Operations or Cyber Threat Intelligence.
5. Good understanding of the cyber security landscape and security concepts.
6. Good understanding of common protocols
7. Good understanding of security event triage and incident handling processes
8. Good understanding of packet analysis
9. Foundational understanding of malware analysis
10. Foundational understanding of vulnerability management, including scanning and reporting Foundational understanding in security architecture.
11. Good understanding in the use of Security Information and Event Management and Endpoint Detection and Response tools is highly desirable.

Skills and Attitudes:

1. Willing to work in 24 x 7 environment.
2. Commitment to continual improvement, education, personal development and a willingness to learn.
3. Strong troubleshooting skills and ability to manage issues through to resolution.
4. Maintains strong attention to detail in high-pressure situations.
5. Ability to explain in written and spoken English.
6. Strong ambition and ability to develop and expand cyber security services and product support.