
SOC L2 Analyst

TechLab Security

Selangor

Hybrid

MYR 50,000 - 70,000

Full time

Today

Job summary

A cybersecurity firm located in Malaysia is seeking a motivated individual for a role focused on Security Operations and Incident Response. Ideal candidates will have a background in cybersecurity and will actively monitor and analyze security incidents to mitigate risks. Responsibilities include collaboration with various teams to enhance cyber defenses and continuous improvement of security strategies. The role offers growth opportunities in a friendly and supportive work environment.

Benefits

Medical Card
Birthday Leave
Team Building
Sport Activities

Qualifications

  • 1-2 years of experience in cybersecurity operations and incident response.
  • Knowledge of CTI frameworks like MITRE ATT&CK and Kill Chain.
  • Understanding of incident response processes and methodologies.

Responsibilities

  • Monitor SIEM alerts for suspicious activity.
  • Analyze escalated incidents to determine severity.
  • Assist in developing security use cases and detection rules.

Skills

Analytical skills
Problem-solving abilities
Effective communication
Collaboration

Education

Bachelor’s degree in Cybersecurity, Computer Science, or related field

Tools

Sentinel
QRadar
ThreatConnect

Job description

Are you a motivated problem-solver who loves learning new skills? Join our friendly team and grow your career with real hands-on experience.

Key Responsibilities
  • Security Operations and Incident Response
    • Monitor SIEM alerts and logs to identify suspicious activity and potential security incidents.
    • Analyze incidents escalated by SOC Level 1 analysts and determine severity and next steps.
    • Respond to security incidents, including malware infections, unauthorized access attempts, and data breaches.
    • Conduct root cause analysis and implement measures to prevent recurrence.
    • Perform proactive threat hunting to detect undetected threats within the environment.
    • Document and escalate incidents as necessary to SOC Level 3 or management teams.
  • Collaboration and Support
    • Work with SOC, Incident Response, and Vulnerability Management teams to provide contextual threat insights.
    • Assist in developing security use cases and refining detection rules in SIEM platforms.
    • Generate and present reports for IT administrators, business managers, and security leaders.
    • Create and maintain documentation for knowledge transfer within the team.
  • Automation and Optimization
    • Utilize CTI tools (e.g., SOCRadar, ThreatConnect, Recorded Future) and SIEM platforms (e.g., Sentinel, QRadar).
    • Explore automation opportunities in incident triage and intelligence gathering processes.
    • Build and maintain incident response automation workflows to streamline operations.
  • Audit, Evaluation, and Continuous Improvement
    • Conduct regular security assessments and audits to identify vulnerabilities.
    • Perform monthly and quarterly reviews of security use cases, incidents, and team performance.
    • Track and report on SOC performance against SLAs and incident quality metrics.
    • Contribute to the continuous improvement of SOC services and security strategies.
  • Availability & Proactive Incident Support
    • Available beyond regular office hours during high-priority incidents or critical escalations.
    • Willing to work in rotating shifts.
    • Proactively contribute to tasks beyond assigned responsibilities when needed to ensure team success and incident resolution.

Required Qualifications
  • Educational Background
    • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
    • Equivalent professional experience may be considered in place of formal education.
  • Technical Proficiency
    • Experience with SIEM platforms (e.g., Sentinel, QRadar) and endpoint security tools (e.g., XDR, EDR).
    • Knowledge of CTI frameworks (MITRE ATT&CK, Diamond Model, Kill Chain) and tools (e.g., ThreatConnect, Recorded Future, Group-IB, Cyble Vision).
    • Familiarity with IDS/IPS, sandboxing, and network traffic analysis.
    • Basic understanding of incident response processes and methodologies.
  • Soft Skills
    • Strong analytical and problem-solving abilities.
    • Effective communication skills for both technical and non-technical audiences.
    • Ability to work collaboratively and independently in a fast-paced environment.
    • Proactive mindset with a strong desire to learn and grow.
  • Certifications (Preferred)
    • CompTIA Cybersecurity Analyst (CySA+), Certified Ethical Hacker (CEHv2), or similar.
    • Certifications in SIEM platforms or SOC operations (e.g., Microsoft Sentinel, QRadar, Google Chronicle SIEM).

Why join us
  • Career growth opportunities
  • Friendly work environment

Benefits
  • Medical Card
  • Birthday Leave
  • Team Building
  • Sport Activities
  • Many more!

We’re a growing team that values teamwork, learning, and respect. If you’re eager to improve and try new things, we’d love to meet you!
