Job Description

:
We are seeking a detail-oriented and proactive SOC Analyst Level 2 to strengthen our cybersecurity operations. The ideal candidate will have hands-on experience in reviewing and investigating escalated security events using a variety of security tools and methodologies. This role involves working closely with L1 analysts, Incident Response teams, and Threat Hunters to ensure accurate detection, classification, and escalation of security incidents.
Key Responsibilities
Review and investigate escalated security events from SOC L1 analysts using tools such as SIEM, EDR, NDR, and other monitoring platforms.
Perform initial triage and validation of s, classify incidents, and escalate appropriately to Incident Response or Threat Hunting teams.
Leverage threat intelligence to contextualize s and correlate evidence across multiple data sources.
Analyze suspicious activity across endpoints, networks, email, and cloud environments.
Accurately document investigation steps, findings, and recommendations.
Maintain and enhance playbooks, runbooks, and standard operating procedures (SOPs).
Participate in purple team exercises, tabletop simulations, and contribute to detection engineering feedback loops.
Collaborate with L1 analysts, providing guidance and training on detection logic, triage, and escalation procedures.
Required Qualifications
Minimum 2 years of experience in a SOC, security monitoring, or cybersecurity operations role.
Proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender for Endpoint), and analysis of firewall and proxy logs.
Solid understanding of attacker tactics, techniques, and procedures (TTPs), especially those outlined in MITRE ATT&CK and the Cyber Kill Chain.
Demonstrated experience in triaging s, classifying threats, and escalating incidents.
Strong ability to write concise, accurate incident documentation and reporting.
Working knowledge of both Windows and Linux operating systems from a security operations perspective.
Preferred Qualifications
Familiarity with detection logic tuning, custom rule creation, and threat hunting methodologies.
Experience in phishing investigations, malware sandboxing, and basic memory/network forensics.
Exposure to scripting languages such as Python, Bash, or PowerShell for task automation and data parsing.
Knowledge of cloud security monitoring tools and practices (Azure, AWS, Google Cloud).
Relevant certifications such as: Security+, CySA+, GCFE, GCIH, SC-200, or equivalent.
Technical Skills
Active Directory
Red Hat Enterprise Linux
Group Policy Management
Skills:
SIEM, EDR, NDR
About Company:
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the worlds best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients organizations. With over 30,000 employees in 30 countries, UST builds for boundless impactxe2x80x94touching billions of lives in the process.