Security Analyst L2

As Architects of Change, Logicalis’ focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth and business, operational efficiency, innovation, risk and compliance, data governance and sustainability.

We strengthen our purpose: to design, support and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry. The brand refresh underpins both the evolution of Logicalis’ positioning as well as our strategic vision for growth.

• Work in a 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
• Provide detailed remediation recommendations to customers for the incidents within agreed SLAs and, if required, assist them during remediation implementation.
• Execute SOC playbooks and knowledge base to minimize the security incident impact, and perform detailed investigation on the infected assets.
• Escalate critical incidents to 3rd level support team for further analysis & investigations, demonstrating excellent collaboration skills for timely resolution to minimize impact to customers.
• Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
• Prepare SOC monthly reports, customized based on business requirements, and present them to customers during monthly meetings, highlighting risks and mitigation plans.
• Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks and a sufficient knowledge base.

• Candidate should have at least 3 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information security.
• Excellent hands‑on experience in incident analysis using SIEM platforms such as Microsoft Sentinel, IBM QRadar.
• Hands‑on experience with any Endpoint Protection (EPP) or Endpoint Detection and Response (EDR) technologies; preferred if Microsoft Defender or CrowdStrike.
• Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet.
• Good understanding of Windows, Linux environments and basic Linux commands; proven Unix (Solaris, Linux, BSD) experience.
• Knowledge of any shell scripting language, and ability to automate mundane operational tasks.
• Candidate should have at least one cybersecurity industry certification such as CEH or CHFI.
• Good understanding of basic network concepts and advantage if exposure to cloud technologies.
• Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards.