Confidential

Security Operations Center Analyst - Tier 2

Job Description

A SOC Tier 2 Analyst is responsible for in-depth analysis and handling of security incidents that have been escalated from Tier 1. This mid-level position involves analyzing and mitigating more complex security threats, performing advanced forensic analysis, and improving the overall security posture of the customers. The Tier 2 Analyst serves as an interface between initial incident detection and the more specialized security response and remediation operations.

II - Duties & Responsibilities:

1. Incident Investigation:
  • Conduct thorough investigations into security incidents reported by Tier 1 analysts.
  • Analyze logs, network traffic, and other data sources to determine the extent and severity of incidents.
  • Conduct root cause analysis to determine how problems occurred and how to prevent them in the future.

2. Incident Response:
  • Lead the response to confirmed security incidents, working with IT and other organizations as needed.
  • Address security concerns by implementing containment, eradication, and recovery procedures.
  • Document full incident reports and corrective actions taken.

3. Threat Hunting:
  • Proactively seek potential security threats and weaknesses in the customer's IT environment.
  • Create and deploy threat hunting strategies and methodologies for detecting advanced persistent threats (APTs).

4. Forensic Analysis:
  • Conduct digital forensic investigations on compromised systems to collect evidence and better understand attack pathways.
  • Use forensic technologies and techniques to aid in incident investigations and legal proceedings when needed.

5. Enhanced Security Measures:
  • Collaborate with the IT and security departments of customers to enhance security controls and procedures.
  • Improve security policies, processes, and technology based on incident investigation results.

6. Mentoring and Training:
  • Provide Tier 1 analysts with advice and support as they expand their abilities and knowledge.
  • Participate in and contribute to continuous training and development initiatives at the SOC.

7. Acting as SOC-IT Specialist.

III - Skills and Qualifications:

1. Education:
  • A bachelor's degree in computer science, information security, or a related field.
  • Advanced certifications, such as Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or Certified Incident Handler (CIH), are a plus.

2. Experience:
  • 2-5 years of experience in cybersecurity, IT security, or related roles.
  • Proven expertise in incident response, threat analysis, and digital forensics.

3. Languages:
  • Proficiency in English, both written and verbal, is required.
  • Additional language skills are a plus, depending on the organization's global presence.

4. Technology:
  • Extensive knowledge of security tools including SIEM, IDS/IPS, firewalls, EDR, and forensic software.
  • Proficiency in network and system administration, including knowledge of Windows, Linux, and cloud systems.
  • Experience in scripting and automation languages such as Python, PowerShell, and Bash.
