Security Operations Center (SOC) Analyst – Level 2 (L2)

Accenture Middle East

Riyadh

On-site

SAR 120,000 - 180,000

Full time

2 days ago

Job summary

A global security solutions provider is seeking a Senior Analyst for their SOC L2 team in Riyadh. This role involves advanced security monitoring, incident investigation, and response across client environments. Candidates should have 4–8 years of SOC operations experience and strong analytical skills, with hands-on experience in SIEM and EDR tools. The position offers opportunities for continuous learning and collaboration with cybersecurity experts across the company.

Benefits

Continuous learning opportunities
Career progression paths
Collaboration with global experts

Qualifications

  • 4–8 years SOC operations experience, particularly in security monitoring and incident response.
  • Strong familiarity with EDR and IDS/IPS technologies.
  • Ability to analyze large datasets across multiple sources.

Responsibilities

  • Lead security incident investigations and manage incident lifecycles.
  • Perform in-depth analysis of security alerts and logs.
  • Document investigations and prepare post-incident reports.

Skills

SIEM experience
Analytical skills
Incident management
Threat analysis
Cloud environment exposure

Education

Certifications such as GCIA, GCIH, or equivalent

Tools

Splunk ES
QRadar

Job description

Security Managed Service Senior Analyst

Accenture Middle East - Senior Analyst role in SOC L2.

Job Summary

The SOC L2 Analyst provides advanced security monitoring, incident investigation, and response across client environments. The role requires strong analytical skills, hands‑on SIEM/EDR experience, and the ability to manage escalated incidents from identification through remediation. The analyst interfaces with technical teams, drives SOC process improvements, and aligns defensive measures with emerging threats.

Key Responsibilities
  • Lead investigation of security incidents escalated from Level 1, validating initial analysis and identifying missing or inaccurate details.
  • Manage full incident lifecycle: identification, triage, containment, remediation, closure.
  • Perform in‑depth analysis of security alerts, logs, and events across SIEM, EDR, firewall, network, and cloud telemetry.
  • Conduct root‑cause analysis, document impact, provide actionable recommendations.
  • Support major incidents and complex investigations, ensuring timely and accurate escalation.
  • Analyze threat campaigns, attacker tactics, techniques, and procedures (TTPs), extract indicators of compromise.
  • Identify emerging threats and assess potential impact on client environments.
  • Tune detection rules, correlation logic, and use cases to enhance accuracy and reduce false positives.
  • Work with SIEM platforms (Splunk ES, QRadar, or equivalent) for advanced event analysis and correlation.
  • Utilize EDR, IDS/IPS, sandboxing tools, and other SOC technologies to perform comprehensive investigations.
  • Access and interpret elevated log sources across platforms including firewalls, endpoint logs, cloud services, and DNS telemetry.
  • Ensure all investigations and evidence are fully documented in case management systems.
  • Prepare post‑incident analysis reports with observations, lessons learned, and improvement recommendations.
  • Adhere to SOC processes, SLAs, and quality standards while contributing to their ongoing enhancement.
  • Coordinate closely with internal teams: SecOps, Network, Cloud, Platform Engineering, Threat Intelligence.
  • Engage resolver teams to support containment or remediation activities as required.
  • Communicate technical findings clearly to both technical and non‑technical stakeholders.
Experience & Qualifications
  • 4–8 years SOC operations, security monitoring, incident response.
  • Strong experience with SIEM, EDR, IDS/IPS, threat analysis tools.
  • Solid background in network security, log analysis, event correlation.
  • Exposure to cloud environments such as AWS, Azure, Google Cloud.
  • Understanding of network protocols, security architectures, endpoint behaviors.
  • Experience in threat hunting, IOC analysis, basic forensic triage.
  • Ability to analyze large datasets from multiple telemetry sources.
  • Certifications: GCIA, GCIH, GREM, CEH, GCFA, CISSP, Security+, or equivalent.
  • Strong written and verbal communication, ability to work under pressure, and an analytical mindset.
Why Accenture Security

The role provides exposure to enterprise‑scale environments, complex cyber incidents, and advanced security technologies. SOC L2 Analysts benefit from continuous learning, defined career progression paths, and collaboration with global cybersecurity experts across Accenture’s delivery network.

Employment Details
  • Seniority level: Mid‑Senior level
  • Employment type: Full‑time
  • Job function: Project Management, General Business, Management
  • Industry: Security and Investigations