Job Responsibilities:
1. Perform deep analysis of security incidents to identify the full kill chain.
2. Perform remediation steps according to the findings, or initiate the steps needed for remediation.
3. Prepare root cause analysis (RCA) reports for major incidents.
4. Handle L2-and-above technical escalations from the L1 Operations team and resolve them within SLA.
5. Identify security gaps and recommend new rules/solutions to L3/the customer.
6. Suggest fine-tuning of existing alert rules, based on high alert counts or wherever required.
7. Create and manage incident handling playbooks, process runbooks and ad hoc documents whenever needed.
8. Recommend fine-tuning of SIEM alerts, including the logic, thresholds and, where possible, the query itself.
9. Recommend new SIEM use cases, including the logic, thresholds and, where possible, the query itself.
10. Respond to client requests, concerns and suggestions.
11. Proactively support the L1 team during an incident.
12. Perform and review tasks as identified in the daily task list.
13. Be ready to work in a 24x7 rotational shift model, including night shifts.
14. Perform incident detection, triage, analysis and response.
15. Coordinate with customers on their security-related problems and provide solutions.
16. Share knowledge with other analysts on their roles and responsibilities.
17. Provide knowledge transfer to L1, such as advanced hunting techniques, guides and cheat sheets.
Knowledge and Experience:
Minimum 5 years of experience in Security Operations.
Security event monitoring, alert triage and thorough incident investigation.
Research and understand log sources for effective security monitoring.
Isolate issues, respond to incidents and mitigate threats swiftly.
Adjust SIEM rules to improve alert and incident specifications.
Optimize SIEM capabilities, aid in audit/logging and generate timely reports.
Conduct vulnerability scans, then prioritize and plan remediation.
Proactively search for suspicious activity through threat hunts.
Provide actionable threat intelligence to verify security concerns.
Identify endpoint threats using EDR/AV analysis and Cybereason scans.
Develop and maintain security operations standards, procedures and playbooks.