Job Descriptions
This is a SOC L2 position that will be an integral part of 24/7 SOC monitoring. The SOC L2 analyst functions as the shift subject-matter expert (SME) and leads on incident detection and analysis techniques.
Key Responsibilities
- Collaboration and Escalation:
- Respond to security alerts in a timely manner, using a combination of technology solutions and a complete, reliable set of documented processes, on a 24x7x365 basis
- Act as the point of escalation for Level-1 analysts on a 12-hour shift rotation
- Escalate suspected incidents to L3 with detailed analysis and actionable recommendations
- Interface and collaborate with other teams on incident escalation and resolution
- Work closely with the SOC Head to improve security operations and address identified deficiencies
- In-Depth Analysis:
- Perform due diligence and in-depth analysis on security alerts escalated by Level-1 analysts, and escalate to the responsible team for further action in a timely manner
- Assist in threat hunting activities to identify undetected threats and potential vulnerabilities
- Incident Response: Participate in incident response steps, perform root cause analysis and recommend solutions to mitigate risk
- Coaching and mentoring:
- Support Level-1 alert analysis by providing advanced analysis services, including independent analysis of security events and recommending containment and remediation processes
- Mentor Level-1 analysts to improve detection capability within the SOC and provide feedback on work quality
- Continuous Improvement:
- Challenge and suggest improvements to existing processes and procedures in an agile, fast-moving information security environment
- Receive and review tuning requests from Level-1 analysts, and provide recommendations on use-case tuning and optimization of security systems
- Documentation & Reporting: Ensure all relevant processes are documented, complete and accurate, and updated at least yearly or whenever changes occur
Other Skills Required (if Applicable)
- Demonstrated ability to work in a team environment, train and coach other team members
- Experience investigating with a wide variety of detective technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools
- Understanding and knowledge of the threat landscape in terms of attackers' tools, tactics, and techniques
- Excellent analytical and problem-solving skills
- Strong communication skills, both written and verbal, including the ability to explain technical and non-technical issues clearly to different audiences
- Hands-on experience working in a Security Operations Centre
Relevant technical and industry certifications are a plus, e.g. SANS (GIAC) certifications