Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
We are looking for a proactive and experienced L2 Security Operations Analyst to strengthen our Security Operations Centre (SOC) team. This role will be responsible for detecting, analysing, and responding to cybersecurity incidents in a hybrid infrastructure comprising AWS Cloud, on-prem infrastructure, and diverse endpoint systems including Linux, Windows, and macOS. The candidate should have hands-on experience with SIEM, EDR, firewalls, and cloud-native security tools, along with a solid understanding of threat landscapes and incident response processes.
Responsibilities
Act as the first level of the escalation point to L1 team and investigate, validate, and escalate security alerts received from SIEM and other monitoring tools.
Monitor and analyse security events from various sources including CNAPP, SIEM, EDR, firewalls, AWS CloudTrail, Guard Duty, and endpoint logs.
Triage security alerts and escalate incidents based on severity and impact.
Correlate data across sources to identify patterns of malicious activity and potential breaches.
Review and refine detection use cases and rule tuning to reduce false positives.
Update and maintain incident response runbooks and knowledge base.
Assist in the development of automation using SOAR platforms for repetitive tasks.
Document incidents, root cause analysis, and lessons learned in a structured and timely manner. Provide regular status reports and metrics to SOC leads and management.
Collaborate with infrastructure, application, and IT teams for investigation and remediation.
What are we looking for in you?
Bachelor’s degree in information security, Computer Science, or related field.
3–6 years of experience in a SOC or cybersecurity operations role.
Proficiency with SIEM tools (e.g., Sentinel, Splunk).
Hands-on experience with EDR/XDR platforms (e.g., CrowdStrike, Sentinel One).
Strong understanding of network protocols, operating systems, malware analysis, and threat actor behaviour.
Familiarity with frameworks such as MITRE ATT&CK, NIST CSF,
Incident response and investigation skills, including log analysis and packet inspection.
Experience with ticketing systems and incident tracking tools.
*******