L2 Security Operations Center (SOC) Analyst / Lead

We are seeking a skilled and self-motivated Level 2 SOC Analyst to take a leading role in cyber threat operations within our MSSP SOC environment. This role also involves operating as a Subject Matter Expert (SME) and mentoring junior L1 analysts.

As a key member of our Security Operations Center, you will play a critical role in monitoring, detecting, investigating, and responding to security threats across a diverse range of client environments, including Government, Finance, Legal, Aviation, Logistics, and more. This diversity provides a unique opportunity to accelerate your growth as a threat analyst and incident responder.

As a senior analyst, you are expected to respond to high-priority escalated cases outside of standard working hours, as part of an on-call rotation or in urgent scenarios requiring expert intervention. Your involvement will play a pivotal role in ensuring timely intervention to cyber threats for our customers.

• Lead daily SOC operations, ensuring incident SLAs are met
• Mentor junior L1 analysts in triage methods, threat detection/validation and incident response

• Able to perform proactive threat investigation & response using MITRE attack framework, NIST framework and threat intelligence sources
• Review all escalations from L1 analysts, ensure comprehensive analysis and daily update to SOC Manager
• Identify and implement improvement to reduce false positives, ensuring SOC’s efficiency
• Timely update to documentation, processes and workflows for continuous improvement
• Timely escalation to SOC Manager for qualified incident and attend War room including after office-hours when required.

• Design and enhance playbook, runbook and use cases based on investigations.
• Triage security events and incident response using playbook.
• Operate in-house SIEM for investigations and monitoring
• Review all cases within case management system and ensure proper incident tracking, escalation and resolution till case closure
• Able to lead the investigation in the event of threat, assisted by L1 Analyst, and provide timely update to SOC Manager

• Research in threat intelligence to strengthen SOC capabilities for detecting cyber-attacks.
• Share threat intelligence news and keep abreast of latest cyber news so that the team is informed about new threats and attack methods

• Improve standard operating procedures (SOP)
• Compile and present monthly SOC threat reports and gap analysis to customers
• Improve SOC processes on an ongoing basisMonitor SOC workflow and suggest improvements

1. Diploma or Degree in Computer Science, or related field.
2. MUST have at least 2 years of experience working in MSSP SOC or 3 years experience working in in-house SOC.
3. Experience with tools such as SIEM, EDR, NDR, XDR, IDS, IPS, Firewalls, Email Security and Web Security.
4. Good understanding of computer networking, TCP/IP, subnets, routing and switching.Experience in security event analysis, incident handling, root cause analysis.
5. MUST have either one of them :- CCNA, Comptia Network+, Comptia Security+, ISC2 CC, EC-Council C|ND, EC-Council E|CIH, EC-Council C|SA
6. Experience and knowledge in Cloud Environments such as AWS, GCP, Azure, Alibaba Coud, will be an added advantage.
7. Strong analytical and problem-solving skills, with the ability to quickly identify and resolve security issues.
8. MUST be willing to be on stand-by after office-hours on rotational basis for any threat escalation by L1 Analyst.