Senior SOC Analyst

IntroductionCDC Hotline & Mailbox Validate escalations from L1 and ensure incident creation is accurate. Analyse complex e-mail cases or hotline escalations that fall outside SOPs. Escalate major incidents to CDC.CheckMail (Suspicious E-mails) Conduct advanced phishing/malware analysis using sandboxing, threat intelligence, and enrichment tools. Provide verdicts and tailored communication to end users beyond template responses. Identify phishing campaigns, recurring indicators, and suggest proactive blocking measures.NextGen Antivirus (CrowdStrike) Perform in-depth triage and investigation of CrowdStrike incidents. Correlate alerts with endpoint telemetry, network data, and threat intelligence. Take pre-approved remediation actions via Logic Apps. Conduct root-cause analysis on recurring incidents. Propose whitelist/blacklist updates to reduce false positives.Email Malware Prevention (EOP) Analyse suspicious e-mails flagged by EOP, including attachment and URL analysis. Define and initiate mitigation measures (IoC blacklisting, proxy blocking, sandbox validation). Classify incident severity and escalate critical events to CDC. Provide intelligence reporting on evolving e-mail threats.SIEM & Incident Management (Microsoft Sentinel) Independently analyse SIEM alerts, correlate across data sources, and enrich with TI feeds. Conduct root-cause analysis and propose detection improvements. Take pre-approved remediation actions using automation playbooks. Provide prioritization and trend analysis reports to Client CDC. Collaborate with engineering to enhance detection rules and SOPs.Mentor L1 analysts by providing feedback and training.Your Role And ResponsibilitiesThe L2 SOC Analyst is responsible for deep-dive investigation, advanced analysis, and resolution of security incidents escalated from L1 or automated systems. L2 analysts provide contextual threat analysis, enrichment, and remediation while working closely with Client CDC and engineering teams. They ensure complex incidents are accurately classified, mitigated, and documented, while identifying opportunities to improve detection and response processes.Required Technical And Professional Expertise Solid understanding of cyber kill chain, MITRE ATT&CK, and incident response. Proficiency with SIEM (Microsoft Sentinel), EDR (CrowdStrike), and SOAR automation workflows. Hands-on experience with e-mail security, sandboxing, and phishing analysis. Knowledge of malware behavior, threat intelligence sources, and IOC enrichment. Strong analytical and investigative skills, with the ability to handle complex cases.Effective communication with both technical and non-technical stakeholders.Preferred Technical And Professional Experience Bachelor’s degree in IT, Cybersecurity, or related field. Security certifications (e.g., GIAC GCIH, Microsoft SC-200, CySA+, or similar).2–5 years of SOC analyst or incident response experience.